Web Development PHP Programming - Learn PHP
 Developer Newsletter

Developer Tutorials
ASP
CGI & Perl
CSS
Flash
HTML
Java
JavaScript
Linux
MySQL
PHP
Photoshop
Python
Wireless
XML


Developer Manuals
Learn HTML
Learn PHP
Learn CSS
Learn Pear
Free White Papers



Scripts Directory
ASP Scripts
ASP.NET Scripts
CGI & Perl Scripts
Flash Scripts
Java Scripts
JavaScript Scripts
PHP Scripts
Python Scripts
Remotely Hosted Scripts
Tools & Utilities Scripts
XML Scripts

Web Hosting Directory
ASP.NET Hosting
Budget Web Hosting
Dedicated Servers
Linux Web Hosting
Shared Hosting
Small Business Hosting
Windows Web Hosting

Developer Resources
Developer Tools
Developer News
Developer Content
Developer Book Reviews
Survey Software
PHP Manual
PrevNext

Chapter 22. Introduction

PHP is a powerful language and the interpreter, whether included in a web server as a module or executed as a separate CGI binary, is able to access files, execute commands and open network connections on the server. These properties make anything run on a web server insecure by default. PHP is designed specifically to be a more secure language for writing CGI programs than Perl or C, and with correct selection of compile-time and runtime configuration options, and proper coding practices, it can give you exactly the combination of freedom and security you need.

As there are many different ways of utilizing PHP, there are many configuration options controlling its behaviour. A large selection of options guarantees you can use PHP for a lot of purposes, but it also means there are combinations of these options and server configurations that result in an insecure setup.

The configuration flexibility of PHP is equally rivalled by the code flexibility. PHP can be used to build complete server applications, with all the power of a shell user, or it can be used for simple server-side includes with little risk in a tightly controlled environment. How you build that environment, and how secure it is, is largely up to the PHP developer.

This chapter starts with some general security advice, explains the different configuration option combinations and the situations they can be safely used, and describes different considerations in coding for different levels of security.

PrevHomeNext
SecurityUpGeneral considerations






About the NetVisits, Inc Network | Advertise
Developer Tutorials hosted by HostGator.
Copyright ©2007 NetVisits, Inc Network. All Rights Reserved. Privacy Policy.
Visit other NetVisits, Inc. sites: