PhpSecInfo: Similar To phpinfo() But Focused On Security

PHPSecInfo is a PHP environment security auditing tool which can be useful as part of a multilayered security approach.

The script runs a series of tests to identify potential security issues and offer suggestions.

PhpSecInfo

It can be reached easily by calling the "index.php" files after uploading the project folder.

PHP Security Consortium also has a PHP security guide which you may want to check out.

P.S. PhpSecInfo is definitely not a replacement for secure coding practices & doesn’t audit PHP code.

  • http://weblog.aklmedia.nl Randy ten Have

    PHPSecInfo is obsolete. The package is almost 2 years old and some important checks are missing… Altough it’s a good tool to get a first impression.

Search