PHP security : error reporting

It seems that one can make up a form to request a page with funny requests, eg: site.php?showerror=1&error=1… etc.

File permissions, authentication layers, database ports, … can be probed.

Developers can 1. check all the functions 2. disable the error reporting. Eg set error_reporting = 0, display_errors = Off. 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s