(1) Disable PHP functions
Find this option:
disable_functions =
This option sets which PHP functions are not allowed to be used. Some PHP functions are highly risky because they can directly execute CentOS system-level script commands. If these functions are allowed to run and a PHP program has a vulnerability, the loss is very serious. The recommended setting is as follows:
disable_functions = phpinfo, passthru, exec, system, popen, chroot, escapeshellcmd, escapeshellarg, shell_exec, proc_open, proc_get_status
Note: If your server runs PHP programs that detect CentOS system status, do not disable shell_exec, proc_open, proc_get_status and other functions those programs need.
(2) Find the PHP script execution time
max_execution_time = 30
This option sets the maximum execution time of a PHP program. If a requested PHP script cannot finish within max_execution_time, PHP stops running it and returns a timeout error directly to the client. If there is no special requirement, the default setting is 30 seconds. If your PHP scripts need to run for a long time, you can increase the setting accordingly.
(3) Find the memory occupied by PHP script processing
This option specifies the maximum memory that PHP script processing may occupy. The default value is 8 MB. If your server has more than 1 GB of memory, this option can be set to 12 MB for more efficient PHP script processing.
(4) Find the PHP global function declaration
Many articles on PHP settings on the Internet recommend setting this option to On. In fact, this is an extremely dangerous setting that may cause serious security problems. If you do not have special requirements, we strongly recommend that you keep the default setting!
(5) Limit on the size of files uploaded through PHP
upload_max_filesize = 2M
This option sets the maximum size of a file that can be uploaded through PHP. The default value is 2 MB. You can increase the setting as needed.
(6) Check several other settings
Search: display_errors
If it is On, change it to Off.
Search: magic_quotes_gpc
If it is Off, change it to On.
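The settings from steps (1) and (6) can be checked mechanically. The script below is an added example, not part of the original article: it parses php.ini text and reports where it differs from the values recommended above. The function names, the monitoring_host switch and the sample file are constructed for illustration, and the parser is simplified (it treats every ';' as the start of a comment).

```python
# Added example: audit php.ini text against the values recommended on this page.
RECOMMENDED_DISABLED = {
    "phpinfo", "passthru", "exec", "system", "popen", "chroot",
    "escapeshellcmd", "escapeshellarg", "shell_exec", "proc_open",
    "proc_get_status",
}
# From the page's note: status-detection programs may need these three.
MONITORING_EXCEPTIONS = {"shell_exec", "proc_open", "proc_get_status"}

def parse_php_ini(text):
    """Return {directive: value}. Simplified: ';' always starts a comment."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line or line.startswith("[") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        # Directive names are case-sensitive, so keys are stored unchanged.
        settings[key.strip()] = value.strip().strip('"')
    return settings

def is_on(value):
    return value.strip().lower() in {"1", "on", "true", "yes"}

def audit(text, monitoring_host=False):
    """Return a list of findings; an empty list means the file matches the page."""
    s = parse_php_ini(text)
    findings = []
    wanted = RECOMMENDED_DISABLED - (MONITORING_EXCEPTIONS if monitoring_host else set())
    disabled = {f.strip() for f in s.get("disable_functions", "").split(",")}
    missing = sorted(wanted - disabled)
    if missing:
        findings.append("disable_functions is missing: " + ", ".join(missing))
    if is_on(s.get("display_errors", "1")):  # PHP's built-in default is "1"
        findings.append("display_errors should be Off")
    if "magic_quotes_gpc" in s and not is_on(s["magic_quotes_gpc"]):
        findings.append("magic_quotes_gpc should be On")
    return findings

# Constructed sample input, not taken from a real server.
SAMPLE = """\
[PHP]
disable_functions = phpinfo, exec, system  ; partial list
display_errors = On
magic_quotes_gpc = Off
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A directive written with a capital letter, such as Disable_functions, is reported as missing because the name no longer matches.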