How to protect Web Server from execution of PHP Shells ???

Hello friends...
In previous tutorial I have given you an introduction to php.ini file in web servers. If you didn't read it then have a look at here.

So in today's tutorial I am gonna teach you that how to Secure web servers from PHP Shells !!!
Hope you know about PHP shells like b347k, r57, c99 etc...
(Or we can say that PHP shell is one type of Hacker's control panel on web servers monitor by hackers.)


OK, let me come to then point. Most of Hackers upload a shell on web servers after hacking into website or gaining access into website. If hackers have successfully uploaded a shell on web server then its finished. They can do hell lots of thing after uploading a shell.

But suppose hackers failed to upload a shell on web servers then ???

So today I'll teach you that how to protect web servers from PHP shells. As I mentioned in my previous tutorial that " php.ini is very useful and it is a configuration file that is used to customize behavior of PHP at run time."

And "The Settings in which upload directory, register global variables, display errors, log errors, max uploading size setting, maximum time to execute a script and other configurations is written in this file."

So adding some code in your php.ini file will protect your server from execution of Shells like b374k, r57,c99.

disable_functions = php_uname, getmyuid, getmypid,
passthru, leak, listen, diskfreespace, tmpfile, link,
ignore_user_abord, shell_exec, dl, set_time_limit, exec,
system, highlight_file, source, show_source, fpaththru,
virtual, posix_ctermid, posix_getcwd, posix_getegid,

posix_geteuid, posix_getgid, posix_getgrgid, 
posix_getgrnam, posix_getgroups, posix_getlogin,
posix_getpgid, posix_getpgrp, posix_getpid,
posix, _getppid, posix_getpwnam, posix_getpwuid,
posix_getrlimit, posix_getsid, posix_getuid,
posix_isatty, posix_kill, posix_mkfifo, posix_setegid,
posix_seteuid, posix_setgid, posix_setpgid, posix_setsid,
posix_setuid, posix_times, posix_ttyname, posix_uname,
proc_open, proc_close, proc_get_status, proc_nice,
proc_terminate, phpinfo, system, passthru, shell_exec,
escapeshellarg, escapeshellcmd,
proc_close, proc_open, ini_alter, dl,
popen, popen, pcntl_exec, socket_accept,
socket_bind, socket_clear_error, socket_close, socket_connect

Also don't forget to On and Off some functions like below:

safe_mode = On
register_globals = Off
display_errors = Off
allow_url_fopen = Off
allow_url_include = Off
enable open_basedir (Note: Don't forget to set it to webroot path)

Hope you like this tutorial...
Thanks for reading...
Please do share if you found this useful tutorial....

Powered by Blogger.