-
Notifications
You must be signed in to change notification settings - Fork 87
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve PHP security recommendations #2423
base: master
Are you sure you want to change the base?
Conversation
docs/infrastructure_and_maintenance/security/security_checklist.md
Outdated
Show resolved
Hide resolved
docs/infrastructure_and_maintenance/security/security_checklist.md
Outdated
Show resolved
Hide resolved
docs/infrastructure_and_maintenance/security/security_checklist.md
Outdated
Show resolved
Hide resolved
docs/infrastructure_and_maintenance/security/security_checklist.md
Outdated
Show resolved
Hide resolved
### Other PHP settings | ||
|
||
Consider what other security related settings are relevant for your needs. | ||
The [OWASP PHP Configuration Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configuration_Cheat_Sheet.html) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seeing that it doesn't even acknowledge PHP 8 and was not updated in 4 years I'm torn if we should mention it to be honest
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, same, but OWASP is such a great resource in general and this page links to others that are also good. I also expect the OWASP community to update this page eventually. I'm doubtfully leaning towards keeping it.
Co-authored-by: Adrien Dupuis <[email protected]>
Co-authored-by: Adrien Dupuis <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please check my comment.
docs/infrastructure_and_maintenance/security/security_checklist.md
Outdated
Show resolved
Hide resolved
Co-authored-by: julitafalcondusza <[email protected]>
PHP security improvement suggestion after discussion at https://ibexa.slack.com/archives/C0BJ6NGBT/p1719999336088349
Checklist
Code samples are workingPHP code samples have been fixed with PHP CS fixerAdded link to this PR in relevant JIRA ticket or code PR