PHP Security precautions

Security precautions before you start using PHP on your Apache server, step by step

Introduction – what is PHP?

PHP is a server side scripting language. You can embed PHP code in your web pages along with HTML. When your server receives a request for a page, it first gives the page to the PHP handler program. The PHP handler outputs HTML code as-is, but when it encounters PHP commands, it executes them. Any HTML generated by the PHP commands is also output. The end result is a web page with content that has been customized on the server before being sent to whoever requested it.

PHP has capabilities that make it a potential security risk:

  • It can receive and process data from the “outside world”
  • It can be programmed to actively fetch data from anywhere on the internet
  • It is able to read and write files on the server

 

 

Comments

Comments are closed.