PHP Secure Configuration Checker
Philipp Krenn
September 08, 2014
Short intro to Sektioneins' PCC
Transcript
PHP Secure Configuration Checker Philipp Krenn, @xeraa
https://github.com/sektioneins/pcc, SektionEins (Suhosin), PHP 5.4+, New BSD License
Security Checks
Critical: Fix this NOW. Example: Register globals
High: You should really look at this. Example: Allow URL fopen
Medium: This might be a problem. Example: Display errors on
Low: Boring stuff. Example: Execution time > 300s
Maybe: Not sure, check manually. Example: Memory limit > 128MB
Comment: Just mentioning it. Example: Upload max filesize is the default (8MB)
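The Critical to Maybe examples above, written as an added example that is not PCC's own code. The function names (`to_bytes`, `is_on`, `check_config`) are hypothetical, the sample settings are constructed, and PHP 7.1+ is assumed.

```php
<?php
// Added example, not PCC's code (PHP 7.1+). Function names are hypothetical;
// severity labels and thresholds are the ones shown on the slides.

// Convert php.ini shorthand ("128M", "1G") to bytes; -1 means unlimited.
function to_bytes(string $v): float {
    $v = trim($v);
    if ($v === '-1') { return INF; }
    $n = (float) $v;
    switch (strtoupper(substr($v, -1))) {   // cases fall through on purpose
        case 'G': $n *= 1024;
        case 'M': $n *= 1024;
        case 'K': $n *= 1024;
    }
    return $n;
}

// ini_get_all() reports booleans as "1", "0" or ""; display_errors may also
// be "stderr" or "stdout", which still means errors are shown.
function is_on($v): bool {
    return !in_array(strtolower(trim((string) $v)), ['', '0', 'off', 'false', 'no', 'none'], true);
}

// Takes name => value pairs and returns a list of [severity, message].
function check_config(array $ini): array {
    $f = [];
    if (is_on($ini['register_globals'] ?? '')) { $f[] = ['critical', 'register_globals is on']; }
    if (is_on($ini['allow_url_fopen'] ?? ''))  { $f[] = ['high', 'allow_url_fopen is on']; }
    if (is_on($ini['display_errors'] ?? ''))   { $f[] = ['medium', 'display_errors is on']; }
    if (isset($ini['max_execution_time'])) {
        $t = (int) $ini['max_execution_time'];          // 0 means no limit
        if ($t === 0 || $t > 300) { $f[] = ['low', "max_execution_time is $t"]; }
    }
    if (isset($ini['memory_limit']) && to_bytes($ini['memory_limit']) > to_bytes('128M')) {
        $f[] = ['maybe', 'memory_limit is ' . $ini['memory_limit']];
    }
    return $f;
}

// Constructed sample in the shape ini_get_all(null, false) returns.
$sample = [
    'register_globals'   => '',
    'allow_url_fopen'    => '1',
    'display_errors'     => 'stderr',
    'max_execution_time' => '600',
    'memory_limit'       => '256M',
];
foreach (check_config($sample) as [$level, $msg]) {
    printf("[%-8s] %s\n", strtoupper($level), $msg);
}
```

To audit the running interpreter instead of the sample, pass `ini_get_all(null, false)` to `check_config()`.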
Modes: CLI, Web
Web Security: 127.0.0.1, mtime < 2d
How good / bad are the Ubuntu 14.04 defaults? nginx + PHP-FPM
Give It a Try
$ git clone https://github.com/xeraa/ppc-test.git
$ cd ppc-test/
$ vagrant up
http://127.0.0.1:8080/phpconfigcheck-allow.php
Conclusion: Simple but gets the job done
Questions?