Документ взят из кэша поисковой машины. Адрес
оригинального документа
: http://old.master.cmc.msu.ru/php/security.hiding.html
Дата изменения: Sun Feb 3 22:33:19 2002 Дата индексирования: Tue Oct 2 00:16:14 2012 Кодировка: |
In general, security by obscurity is one of the weakest forms of security. But in some cases, every little bit of extra security is desirable.
A few simple techniques can help to hide PHP, possibly slowing down an attacker who is attempting to discover weaknesses in your system. By setting expose_php = off in your php.ini file, you reduce the amount of information available to them.
Another tactic is to configure web servers such as apache to parse different filetypes through PHP, either with an .htaccess directive, or in the apache configuration file itself. You can then use misleading file extensions: