35
PHP Settings
Disable error display (display_errors)
Disable remote includes (allow_url_fopen and allow_url_include)
Set reasonable resource maximums (upload_max_filesize and memory_limit)
Leverage the disable_functions directive to block dangerous functions:
exec, passthru, shell_exec, system, proc_open, popen,
parse_ini_file, show_source, eval, create_function