Which PHP settings can I change?
security settings
register globals = On
Notice: This setting was removed with PHP 5.4.
Deactivating this setting can increase security, since it is no longer so easy to insert modified variables into the code.
allow_furl_open = On
Specifies whether file access to external URLs is allowed. Preventing it increases security because it is more difficult for attackers to download malicious programs.
display_errors = Off
Although the error display is useful for debugging, it also provides attackers with internal information. It is therefore advisable to switch them off.
disable_functions
Specifies a list of features to turn off. These are not usually used by PHP software, but are used by attackers.
Example: disable_functions = exec,system,passthru,shell_exec,popen,escapeshellcmd,proc_open, proc_nice,ini_restore
safe_mode = On
Turns on safe mode, which causes PHP to run in safe mode. Additional checks are performed on file operations and access to environment variables is restricted.