PHP Functions which help hackers to hack your server

I am listing below some PHP functions which you should keep disabled if you don't need them, as they help hackers deface your websites or hack the server:

dl
exec
shell_exec
system
passthru
popen
pclose
proc_open
proc_nice
proc_terminate
proc_get_status
proc_close
leak
apache_child_terminate
posix_kill
posix_mkfifo
posix_setpgid
posix_setsid
posix_setuid
escapeshellcmd
escapeshellarg
shell-exec
fpassthru
crack_check
crack_closedict
crack_getlastmessage
crack_opendict
psockopen
php_uname
symlink
mkdir
ini_restore
posix_getpwuid
error_log
print_r
scandir
copy
phpinfo
ini_set

To disable these functions you can add the following line to /usr/local/lib/php.ini (the value must stay on a single line, in straight double quotes):


disable_functions = "dl,exec,shell_exec,system,passthru,popen,pclose,proc_open,proc_nice,proc_terminate,proc_get_status,proc_close,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,escapeshellcmd,escapeshellarg,shell-exec,fpassthru,crack_check,crack_closedict,crack_getlastmessage,crack_opendict,psockopen,php_uname,symlink,mkdir,ini_restore,posix_getpwuid,error_log,print_r,scandir,copy,phpinfo,ini_set"

Then restart the Apache web server (the httpd service) so the new php.ini setting takes effect.

Please note: doing this will break some of the PHP scripts on your clients' sites. I would suggest blocking all of the above functions first; then, when you find out which PHP scripts break because of this, remove only the particular function that script needs from the list. This way your disable_functions list will be exactly what your server requires.
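To make the "block first, then find what breaks" step less painful, here is a small audit script. It is an added example, not code from the original post: it reads the interpreter's current disable_functions value, reports which of the functions listed above are still callable, and (when given a directory) walks the .php files under it and lists every plain call to one of those functions, file and line, so you can see in advance which client scripts depend on them. The script name and the web root argument are assumptions of this example; the function list is the post's own.

```php
<?php
// disable_functions audit (added example, not part of the original post).
// Usage: php disable_functions_audit.php [/path/to/webroot]
// The web root argument and script name are assumptions of this example.

$recommended = [
    'dl', 'exec', 'shell_exec', 'system', 'passthru', 'popen', 'pclose',
    'proc_open', 'proc_nice', 'proc_terminate', 'proc_get_status', 'proc_close',
    'leak', 'apache_child_terminate', 'posix_kill', 'posix_mkfifo',
    'posix_setpgid', 'posix_setsid', 'posix_setuid', 'escapeshellcmd',
    'escapeshellarg', 'fpassthru', 'crack_check', 'crack_closedict',
    'crack_getlastmessage', 'crack_opendict', 'psockopen', 'php_uname',
    'symlink', 'mkdir', 'ini_restore', 'posix_getpwuid', 'error_log',
    'print_r', 'scandir', 'copy', 'phpinfo', 'ini_set',
];

/** Names currently listed in disable_functions, trimmed and lower-cased. */
function currentlyDisabled(): array
{
    $raw = (string) ini_get('disable_functions');
    $names = array_map('strtolower', array_map('trim', explode(',', $raw)));
    return array_values(array_filter($names, 'strlen'));
}

/** Recommended functions that this build has and that are still callable. */
function stillEnabled(array $recommended, array $disabled): array
{
    $open = [];
    foreach ($recommended as $fn) {
        // function_exists() is false both for functions this build lacks
        // (crack_*, leak, psockopen on most builds) and for disabled ones;
        // the explicit in_array() keeps the two cases apart in the report.
        if (function_exists($fn) && !in_array($fn, $disabled, true)) {
            $open[] = $fn;
        }
    }
    return $open;
}

/**
 * Token-based scan for plain calls (not ->method() or Foo::static()) to any
 * name in $names. Returns ['exec' => ['file.php:12', ...], ...].
 */
function findUsages(string $root, array $names): array
{
    $hits = [];
    $iter = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($iter as $file) {
        if (!$file->isFile() || strtolower($file->getExtension()) !== 'php') {
            continue;
        }
        $src = @file_get_contents($file->getPathname());
        if ($src === false) {
            continue;
        }
        $tokens = token_get_all($src);
        $count = count($tokens);
        for ($i = 0; $i < $count; $i++) {
            $tok = $tokens[$i];
            // PHP 8 tokenizes "\exec" as T_NAME_FULLY_QUALIFIED, older versions as T_STRING.
            $isName = is_array($tok) && ($tok[0] === T_STRING
                || (defined('T_NAME_FULLY_QUALIFIED') && $tok[0] === T_NAME_FULLY_QUALIFIED));
            if (!$isName || !in_array(strtolower(ltrim($tok[1], '\\')), $names, true)) {
                continue;
            }
            // A real call is followed by "(" (skipping whitespace).
            $j = $i + 1;
            while ($j < $count && is_array($tokens[$j]) && $tokens[$j][0] === T_WHITESPACE) {
                $j++;
            }
            if ($j >= $count || $tokens[$j] !== '(') {
                continue;
            }
            // Skip $obj->copy(), Foo::copy() and "function copy(" definitions.
            $k = $i - 1;
            while ($k >= 0 && is_array($tokens[$k]) && $tokens[$k][0] === T_WHITESPACE) {
                $k--;
            }
            if ($k >= 0 && is_array($tokens[$k])
                && in_array($tokens[$k][0], [T_OBJECT_OPERATOR, T_DOUBLE_COLON, T_FUNCTION], true)) {
                continue;
            }
            $hits[strtolower(ltrim($tok[1], '\\'))][] = $file->getPathname() . ':' . $tok[2];
        }
    }
    ksort($hits);
    return $hits;
}

$disabled = currentlyDisabled();
echo 'disable_functions currently has ' . count($disabled) . " entries\n";
$open = stillEnabled($recommended, $disabled);
echo $open ? 'Still enabled: ' . implode(', ', $open) . "\n"
           : "All recommended functions are disabled or absent from this build.\n";

if (isset($argv[1])) {
    foreach (findUsages($argv[1], $recommended) as $fn => $locations) {
        echo "$fn is called in:\n  " . implode("\n  ", $locations) . "\n";
    }
}
```

Run it with the CLI interpreter that shares the same php.ini as Apache (check `php --ini` if in doubt); if the CLI uses a different ini file, the "currently disabled" part reports the CLI's settings, not the web server's. The token scan only finds direct calls, so anything invoked through call_user_func() or a variable function name will not show up, which is one more reason to keep the error log open after the restart.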

Hope this helps you all.

For further updates, Stay Tuned
