Lynis security controls
|PHP-2320||PHP||PHP disabled functions|
PHP enables system administrators to disable possible harmful functions. Depending on the software being used, many functions are not needed for proper functioning. An example of this would be the possibility to download a remote file via PHP, which is only needed in some applications.
|PHP-2372||PHP||PHP expose_php option|
Software in general should not display software names or versions to normal users of a service, to avoid information leakage.
|PHP-2374||PHP||Disable dynamic loading of modules|
This test determines if modules can be loaded with the ld() function
PHP allows file downloads with the allow_url_fopen setting. If not strictly needed for the applications running on the server, make sure this option is disabled.
PHP allows file downloads with the allow_url_include setting. If not strictly needed for the applications running on the server, make sure this option is disabled.
|PHP-2379||PHP||PHP Suhosin extension status|
This control checks for the presence of Suhosin.