Shulou(Shulou.com)06/01 Report--

There are three settings in the php.ini configuration that may cause problems with the security of the website. So which three places are they? Let's look down with the editor. I'm sure it will help you.

First of all, we all know that all PHP source sites must be configured with the environment, whether they use the integrated environment or build their own manually. Perhaps few people have paid attention to the role of these things configured in php.ini. Many webmasters find a tutorial online when setting up php.ini files, and then people say where to add and where to delete step by step. But there are really two things that can cause website security problems.

Some people will say, how can there be security problems on a php.ini file? is it difficult for hiker to attack my php.ini file?

This is not true, but the mode of operation will provide a window for hiker, see the configuration steps below.

Take the installation of PHP on a windows system as an example, the settings of all versions of php.ini files are almost the same. Go to the official website to download the required PHP version, then unzip it and rename it.

If you install php7.4, install it in the D root directory of the server "target=" _ blank "href=" http://undefined"> server: download the Non-Thread Safe (NTS) version of the PHP program, unzip it, rename it to the "php" folder, and copy it to the D root directory.

Open the php.ini-development file under D:\ php, make a copy and rename it to php.ini, and open the D:\ php\ php.ini file. Here is the complete configuration process.

1. Change short_open_tag = Off to

Short_open_tag = On

The effect of this modification is that the template files of some websites are used, such as

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.