Part III. Security

Table of Contents

1. Security

General considerations

Installed as CGI binary

Possible attacks
Case 1: only public files served
Case 2: using --enable-force-cgi-redirect
Case 3: setting doc_root or user_dir
Case 4: PHP parser outside of web tree

Installed as an Apache module

Filesystem Security

Database Security

Designing Databases
Connecting to Database
Encrypted Storage Model
SQL Injection

Error Reporting

Using Register Globals

User Submitted Data

Keeping Current

<< Spotting References	Main : Security	Security >>
This page online Report a bug

This HTML Help has been published using the chm2web software.