Top Ten Security Vulnerabilities in PHP Code!

1. Unvalidated Parameters

Most importantly, turn off register_globals. This configuration setting defaults to off in PHP 4.2.0 and later. Access values from URLs, forms, and cookies through the superglobal arrays $_GET, $_POST, and $_COOKIE. Before you use values from...

Security and Hardening Tips for PHP

Disable sensitive functions in PHP

Edit the php.ini file:

    sudo vi /etc/php5/apache2/php.ini

Add or edit the following lines and save:

    disable_functions = exec,system,shell_exec,passthru,etc ......
    register_globals = Off
    expose_php = Off
    display_errors = Off
    ...