PHP safely, tips 0 day

A collection of PHP configuration settings that help deal with different types of attacks.
Common types of PHP attacks:

php security by garanet

XSS (Cross-site scripting) is a vulnerability in PHP web applications that attackers can exploit to steal user information. You can configure Apache and write PHP scripts more securely (validate all user input) to avoid XSS attacks.

SQL injection is a database-level vulnerability of a PHP application. When user input is incorrectly filtered, arbitrary SQL statements can be executed by the application. You can configure Apache and write secure code to avoid SQL injection attacks. A common practice in PHP is to escape parameters with the function mysql_real_escape_string() before sending the SQL query.

File uploads allow a visitor to post files (upload files) to the server. This can result in various security problems such as deleting files, deleting databases, obtaining user details, and much more. You can disable file uploads in PHP or write secure code (validate user input and only allow image file types such as png or gif).

Local and remote file inclusion: an attacker can open a file from a remote server and execute any PHP code. This allows them to upload files, delete files and install backdoors. You can configure PHP to disable remote file execution.

eval() evaluates a string as PHP code. This is often used by an attacker to hide their code and tools on the server itself. You can configure PHP to disable eval().

Cross-site request forgery (CSRF, also called a sea-surf attack) forces the user to perform unwanted actions on a web application in which they are currently authenticated. A successful CSRF exploit can compromise end-user data and functionality in the case of a normal user. If the targeted end-user is the administrator account, it can compromise the entire web application.

Follow the tips below to limit the risks to your PHP server.

Restrict the display of PHP server information by disabling the expose_php directive in the php.ini configuration file.

#:~$ sudo vi /etc/php.ini
expose_php = off

Minimize the PHP modules that are loaded: disable modules that are not needed by renaming or moving their .ini files within the /etc/php.d/ directory.

Disable a module

#:~$ cd /etc/php.d/
#:~$ sudo mv gd.ini gd.disable
#:~$ sudo service apache2 restart

Enable a module

#:~$ cd /etc/php.d/
#:~$ sudo mv gd.disable gd.ini
#:~$ sudo service apache2 restart

Log all PHP errors
Don’t expose PHP error messages to site visitors.
Edit /etc/php.d/security.ini and set the following directives:

display_errors=Off
log_errors=On
error_log=/var/log/apache2/php_scripts_error.log

Disable file uploads or limit their size.
Edit /etc/php.d/security.ini and set the following directive, which disables the uploading of files for security reasons:

file_uploads=Off

If the application's users need to upload files, enable the feature but set the maximum size of the files that PHP will accept through upload:

file_uploads=On
; the user can only upload files of 1MB via PHP
upload_max_filesize=1M

Disable remote code execution
When enabled, allow_url_fopen lets PHP functions such as file_get_contents() and the include statements retrieve data from remote locations, such as an FTP server or website. Edit /etc/php.d/security.ini and set the following directives:

allow_url_fopen=Off
allow_url_include=Off

Enable SQL Safe Mode
Edit the /etc/php.d/security.ini file by configuring this directive:

sql.safe_mode=On

Check POST size
Edit the /etc/php.d/security.ini file by configuring this directive:

; Set a realistic value here
post_max_size=1K

DoS resource control
Edit the /etc/php.d/security.ini file by configuring this directive:

; max_execution_time and max_input_time are set in seconds
max_execution_time = 30
max_input_time = 30
memory_limit = 40M

Deactivate dangerous PHP functions if not needed.
Edit the /etc/php.d/security.ini file by configuring this directive:

disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source

Restrict PHP Access to the File System
Edit the /etc/php.d/security.ini file by configuring this directive:

; Limits the PHP process from accessing files outside
; of specifically designated directories such as /var/www/html/
open_basedir="/var/www/html/"
; ------------------------------------
; Multiple dirs example
; open_basedir="/home/httpd/vhost/cyberciti.biz/html/:/home/httpd/vhost/nixcraft.com/html/:/home/httpd/vhost/theos.in/html/"
; ------------------------------------

Restart Apache to apply the changes.

#:~$ sudo service apache2 restart
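As an added check (example code written for this post, not garanet's own tooling), the script below reads a php.ini and reports every directive that still differs from the settings above, so the audit can be re-run after each edit or restart. The two ini fragments are constructed samples, and the parser handles only `;` comments, `[sections]` and quoted values.

```python
import re

# Directives the post sets Off/On, and the process-spawning functions it lists for disable_functions.
BOOL_OFF = {"expose_php", "display_errors", "allow_url_fopen", "allow_url_include"}
BOOL_ON = {"log_errors"}
MUST_DISABLE = {"exec", "passthru", "shell_exec", "system", "proc_open", "popen"}
SIZE = re.compile(r"^(\d+)([kmg]?)$", re.I)  # php.ini shorthand such as 1M or 512K

def parse_ini(text):
    """Minimal php.ini reader: drops ';' comments and [sections], unquotes values."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if line and not line.startswith("[") and "=" in line:
            key, val = (s.strip() for s in line.split("=", 1))
            conf[key.lower()] = val.strip("\"'")
    return conf

def as_bool(val):
    return val.lower() in ("on", "1", "true", "yes")

def to_bytes(val):
    m = SIZE.match(val.strip())
    return int(m[1]) * {"": 1, "k": 1024, "m": 1024**2, "g": 1024**3}[m[2].lower()] if m else None

def audit(text):
    """Return the directives that deviate from the post's settings; [] means all match."""
    conf, out = parse_ini(text), []
    for key in sorted(BOOL_OFF | BOOL_ON):
        if key not in conf:
            out.append(f"{key} not set")
        elif as_bool(conf[key]) != (key in BOOL_ON):
            out.append(f"{key} should be {'On' if key in BOOL_ON else 'Off'}")
    if as_bool(conf.get("file_uploads", "On")):  # uploads may stay On only with the 1M cap
        size = to_bytes(conf.get("upload_max_filesize", ""))
        if size is None or size > to_bytes("1M"):
            out.append("file_uploads is On but upload_max_filesize is missing or above 1M")
    missing = MUST_DISABLE - {f.strip() for f in conf.get("disable_functions", "").split(",")}
    if missing:
        out.append("disable_functions is missing: " + ", ".join(sorted(missing)))
    if not conf.get("open_basedir"):
        out.append("open_basedir not set")
    return out
# Constructed samples: a stock-looking php.ini and the same file after this post's edits.
WEAK_INI = ("[PHP]\nexpose_php = On\ndisplay_errors = On\nlog_errors = Off\nfile_uploads = On\n"
            "upload_max_filesize = 2M\nallow_url_fopen = On ; PHP's default\ndisable_functions =\n")
HARDENED_INI = ("[PHP]\nexpose_php = Off\ndisplay_errors = Off\nlog_errors = On\nfile_uploads = On\n"
                "upload_max_filesize = 1M ; the user can only upload 1MB files via PHP\n"
                "allow_url_fopen = Off\nallow_url_include = Off\nopen_basedir = \"/var/www/html/\"\n"
                "disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source\n")
```

Run `audit(open("/etc/php.ini").read())` on a real file; an empty list means every directive from this post is in place.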

Now the PHP Server is safe!
