Which PHP settings can I change?

security settings

register globals = On

Notice: This setting was removed with PHP 5.4.

Deactivating this setting can increase security, since it is no longer so easy to insert modified variables into the code.

allow_furl_open = On

Specifies whether file access to external URLs is allowed. Preventing it increases security because it is more difficult for attackers to download malicious programs.

display_errors = Off

Although the error display is useful for debugging, it also provides attackers with internal information. It is therefore advisable to switch them off.


Specifies a list of features to turn off. These are not usually used by PHP software, but are used by attackers.
Example: disable_functions = exec,system,passthru,shell_exec,popen,escapeshellcmd,proc_open, proc_nice,ini_restore

safe_mode = On

Turns on safe mode, which causes PHP to run in safe mode. Additional checks are performed on file operations and access to environment variables is restricted.