Admin-Ahead Community

Windows => General Windows => Topic started by: mohitht on March 07, 2014, 02:56:59 pm

Title: How to secure PHP sites in IIS
Post by: mohitht on March 07, 2014, 02:56:59 pm

Hi All,

PHP is an open source server side scripting language. It is secure but the wrong permissions/configurations leave the PHP scripts to vulnerable.

In order to avoid this just tweak the php.ini settings as follows


Edit the php.ini file and edit the contents in it

Code: [Select]


DISPLAY_ERRORS =Off
display_startup_errors = Off
log_errors = On
error_reporting = E_ALL




error_log = /home/.../phplog.txt
expose_php = Off

register_globals = Off

safe_mode = Off




check the changes by calling php function in the file

Code: [Select]

<?php

php_info();

?>





That's It :)