Skip to main content

PHP Configuration & Security

In "Security Precautions [for] PHP on Apache Servers," Steven Whitney describes in detail the configuration settings for PHP that are effective at blocking the most common types of webserver attacks. The configuration adjustments are few and the rules are pretty simple. There are two files where PHP configuration commands reside: php.ini (preferred) or .htaccess. File php.ini specifies the configuration settings PHP will use when it is running on your website. It determines what things PHP scripts are allowed to do and what they are prohibited from doing.

Website Architecture

The user experience development process is all about ensuring that no aspect of the user’s experience with your site happens without your conscious, explicit intent. This means taking into account every possibility of every action the user is likely to take and understanding the user’s expectations at every step of the way through that process. It sounds like a big job, and in some ways it is. But by breaking the job of crafting the user experience down into its component elements, we can better understand the problem as a whole.