DangerousPHPFunctions
DangerousPHPFunctions copied to clipboard
Growing list of potentially dangerous PHP functions
WARNING
!!! THIS REPO IS HIGHLY OUTDATED, YOU PROBABLY SHOULDN'T USE IT !!!
README
This is a list of potentially dangerous PHP functions which should be disabled in most of the PHP web hosting environments.
The php_dangerous.txt file contains the categorized list of these functions. The likely_used.txt file contains functions which can be used dangerously but are required by many applications.
Format:
[Category name ]
function_name # comment
The generate_ini.sh script generates a php.ini entry from the list. Usage:
generate_ini.sh php_dangerous.txt
DISCLAIMER
Use at your own risk! Hardening should always be done in accordance with the current environment.