Today, i will show you a simple thing or tip you can use to make sure server a little more secured.
Often you see on some web pages you see the php error and it shows your absolute path and your file name. On a production server, its best to turn off all errors.
[color=red:85650b7f52]WARNING: before you attempt something like this, you should always make a backup copy of your php.ini file.[/color:85650b7f52]
So how do you disable display errors in Apache? - I have a Redhat (fedora) seerver,,, Well the answer is simple. take these steps:
1. login to your server linux shell command as root.
2. Now edit the php.ini file with this command:
Code:nano /etc/php.ini
3. look for these lines:
Code:; Print out errors (as a part of the output). For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below). Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
display_errors = Off
4. Now Change
From:
Code:display_errors = Off
To:
Code:display_errors = On
Save your changes by hiting Control + x and type y (for yes) at the prompt
5. Now that you have saved your changes, restart http server for the changes to take affect:
Code:/etc/init.d/httpd restart
Now your server will not show up the error. Remember, this should be done in a production environment. Ofcourse you would leave this Off in a testing server so you can see the errors.
If you have any comments or questions, please reply. Thanks