Knowledgebase
Recommended Security Settings
Posted by Konrad Piwowar on 19 August 2016 10:48 AM

We recommend setting the following php.ini variables as general security settings on all servers. These are not specific to any mechbunny software, but rather general security guidelines.

disable_functions = eval,exec,passthru,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source,phpinfo
display_errors = off
expose_php = off

In httpd.conf (on apache):

- TraceEnable Off
- Install and enabled mod_security

(4 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments: