Recommended Security Settings
Posted by Konrad Piwowar, Last modified by Konrad Piwowar on 01 November 2018 02:06 PM

We recommend setting the following php.ini variables as general security settings on all servers. These are not specific to any mechbunny software, but rather general security guidelines.

disable_functions = eval,exec,passthru,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source,phpinfo
display_errors = off
expose_php = off

In httpd.conf (on apache):

- TraceEnable Off
- Install and enabled mod_security

(5 vote(s))
Not helpful

Comments (0)
Post a new comment
Full Name:
CAPTCHA Verification 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).