Navigation

LAMP server

If you alter your httpd.conf file to include the following two lines the presence, and version, of the PHP module will be hidden - as will the version of Apache you're using:
ServerSignature Off
ServerTokens production

/etc/init.d/apache2 reload

PHP is a fantastic language and is perfect for you dynamic mySQL driven site, but the flexibility of it at the same time makes it vulnerable for external expoits. Here are a few tips of how to secure your php.ini !

Edit our php.ini by logging into shell with root :
vim /usr/lib/php.ini

And change the line:
disable_functions = =>
disable_functions = exec, shell_exec, system, passthru,popen, virtual, show_source, readfile, pclose 

another thing you could change is
safe_mode = Off => safe_mode = On

another thing you could disable is 
enable_dl=On => enable_dl=Off 

open_basedir /var/www/confixx:/usr/share/phpmyadmin:/etc/phpmyadmin