Editor note: This was originally posted on 25yearsofprogramming.com which has since gone offline
Security precautions before you start using PHP on your Apache server, step by step
Introduction – what is PHP?
PHP is a server side scripting language. You can embed PHP code in your web pages along with HTML. When your server receives a request for a page, it first gives the page to the PHP handler program. The PHP handler outputs HTML code as-is, but when it encounters PHP commands, it executes them. Any HTML generated by the PHP commands is also output. The end result is a web page with content that has been customized on the server before being sent to whoever requested it.
PHP has capabilities that make it a potential security risk:
- It can receive and process data from the “outside world”
- It can be programmed to actively fetch data from anywhere on the internet
- It is able to read and write files on the server
If you have a website, you can expect to be under constant attack from robots attempting to a) “send in” malicious data and scripts from the outside world, b) trick your server into fetching malicious scripts and running them, c) read and write files on your server. Their goal is to take control of your site and use it for their own purposes.
This article gives configuration settings for PHP and rules for PHP coding that are effective at blocking the most common types of attacks. The configuration lines are few and the rules are simple.
There are two files where PHP configuration commands can go: php.ini or Apache .htaccess.
You should use php.ini as your first choice, if you can. You should be able to use it if:
- You are on shared hosting at a webhost that uses suPHP or any other configuration that allows individual users to create their own php.ini files. If in doubt, ask them.
- You are on dedicated hosting (your own rented server), or
- You host your own website on your own server.
- Comments Off on Secure Settings for PHP on Apache
Apple phones have a Find my iPhone feature, did you know that Android phones have something similar?
You can ring your lost phone on a webpage using a desktop computer, or on an app using a tablet or other device.
The webpage is called Android Device Manager, and can be found here: https://www.google.com/android/devicemanager
You can also lock or erase your device if it’s lost.
The app is called Android Device Manager and can be found in the Google Play store, or here: https://play.google.com/store/apps/details?id=com.google.android.apps.adm
Finally, another option if you can’t find your phone around the house, but don’t have access to another phone to call it is: www.wheresmycellphone.com
If you have an after market hard disk drive 500GB – 1TB chances are your PS3 was bricked by the latest update. You can fix it yourself in 3 easy steps.
- Power OFF the PS3
- Press and HOLD the power key until the system power cycles three times
- Re-update your firmware.
Why does this work? The 1st boot is normal. The 2nd boot is video reset mode. The 3rd boot is safe mode, bypassing the broken firmware.
- Comments Off on How to fix a PS3 Bricked by Update 4.45
Motorola released the newest update to their tablet line with the new Xyboard (unofficially the Xoom 2).? With the recent underwhelming release of the newest iPad, it’s curious if this tablet could finally catch up and overcome the barriers that separate the Android vs. iOS tablet offering.
It has a large screen, comes with a great battery life, supports 4G LTE Internet speeds and looks gorgeous…ingredients for success, but is it enough to warrant my vote over the newest iPad?? Let’s find out:
Read more about the Motorola Xyboard Review
- Comments Off on Motorola Xyboard Review
We are just 5 days away from the first day of spring! The spring season is most famous for its call to cleaning, and what better place to start than your computer!
We all forget how computers, just like our desks and closets, need to be cleaned; externally and internally.
I’ll be going through a few tips this month on the best practices to start cleaning up your computer.? Follow all these tips and you’ll be on your way to a cleaner, faster and better computer experience!
This post brought to you by HP*. Whether your organization is moving to the cloud or is yet undecided, the HP Pathways to Cloud event is the best way to explore the technologies, learn the strategies, and prepare to lay a secure, high performance foundation for an agile IT environment This is a must-see event that includes something for anyone involved in Enterprise IT.
HP Cloud Event dates and locations: Mar 15 Seattle | Mar 21 Dallas | Mar 22 Atlanta | Mar 28 Washington DC | Mar 29 Chicago | Apr 3 NYC | Apr 5 Phoenix | Apr 11 Denver | Apr 12 Cincinnati | Apr 18 Tampa | Apr 19 San Francisco
Register today and attend the event for your chance to win an HP TouchSmart PC. Powered by the 2nd Generation Intel? Core? processor. View Agenda.
*About this sponsored post. This site is not directly compensated, but? will be entered into a drawing for an HP server for posting this information. If awarded, we will give the server to a lucky reader in a future contest.
- Comments Off on HP Cloud Events [SPONSORED]
First it was minutes, then it was texting and now it will be data.? Shared family plans for data are just around the corner from the major wireless providers and it’s about time!
I have 5 phones on my family plan, 4 are smart phones.? I was ‘lucky‘ enough to get all of them on the unlimited data plan for $30 bucks a month before that plan was nixed, but when closely examining the usage, I find that barely any of them exceed 2 gigs a month!? Today, WiFi availability is so mainstream that there is a limited call for unbounded data usage, and I could save a bundle on a family shared plan.
Read more on Family Data Plans
- Comments Off on Time for Family Data Plans
The new iPad HD was released this afternoon by Apple and I am not on board with the bandwagon that seems to be marveled by the newest Cupertino based offering.
The iPad boasts a new higher resolution, a faster processor and…well, that’s mainly about it.? The name hasn’t even been confirmed! Is it the iPad3, the iPad HD? It should be called the iPad2s, but Apple just has it as the ‘iPad’ on their website.? If I call into Apple support, do I get support for the newest generation of iPad even if I have the original iPad?
Read more about the why the new iPad is not Impressive
- Comments Off on iPad HD is iBoring
The new Windows 8 Customer Preview is finally here! Microsoft released the customer preview for its newest operating system Windows 8 earlier last week in Spain.? The obvious successor to a successful Windows 7, Microsoft now aims to couple an offering that blends the tablet, smartphone and desktop environment to one mold.
Download a copy of the newest preview straight from Microsoft here, and load it on a spare hard drive or a virtual machine to play around with the new look.
Read more about Windows 8 Customer Preview
- Comments Off on Download Windows 8 Customer Preview
Pinterest is the newest wave of social networking that has swept the internet and added an explosion of new users in the past few months.? Pinterest is a social site where users create virtual pin-boards to share, collect, organize and display all of their interests from the web; an online pinning cork board!
The site has seen exponential growth in its user base for its well designed site, passionate group of users and appeal to the mass crowd for an organization method everyone is familiar with.
The site is still working on invite only access, so try the steps below to start pinning today!
Read more on How to Request a Pinterest Invite
- Comments Off on How to Request a Pinterest Invite
