{"id":16424102,"url":"https://github.com/funkatron/phpsecinfo","last_synced_at":"2025-03-21T04:30:24.699Z","repository":{"id":499409,"uuid":"126338","full_name":"funkatron/phpsecinfo","owner":"funkatron","description":"PhpSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement.","archived":false,"fork":false,"pushed_at":"2011-09-11T16:13:45.000Z","size":326,"stargazers_count":46,"open_issues_count":1,"forks_count":11,"subscribers_count":10,"default_branch":"master","last_synced_at":"2024-10-12T07:43:08.409Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://phpsecinfo.com","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/funkatron.png","metadata":{"files":{"readme":"README","changelog":"CHANGELOG","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2009-02-11T03:26:44.000Z","updated_at":"2024-10-03T05:11:08.000Z","dependencies_parsed_at":"2022-07-07T14:51:19.533Z","dependency_job_id":null,"html_url":"https://github.com/funkatron/phpsecinfo","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/funkatron%2Fphpsecinfo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/funkatron%2Fphpsecinfo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/funkatron%2Fphpsecinfo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/funkatron%2Fphpsecinfo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/funkatron","download_url":"https://codeload.github.com/funkatron/phpsecinfo/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":221811374,"owners_count":16884305,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-11T07:43:07.259Z","updated_at":"2024-10-28T09:18:51.010Z","avatar_url":"https://github.com/funkatron.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"## PHPSECINFO\n\n*Now on GitHub*\n\n_see LICENSE for copyright and license info_\n\nMailing List for bug reports, feedback, etc:\nhttp://lists.phpsec.org/mailman/listinfo/phpsecinfo\n\n\n### WHAT IS PHPSECINFO?\nPHPSecInfo is a PHP environment security auditing tool modeled after the\nphpsecinfo() function.  From a single function call, PHPSecInfo runs a\nseries of tests on your PHP environment to identify potential security\nissues and offer suggestions.  It can be useful as part of a multilayered\nsecurity approach.\n\n\n#### WHAT IS PHPSECINFO NOT?\n* It is not a replacement for secure coding practices\n* It does not audit PHP code\n* It is not comprehensive test for either your hosting environment\n  or your web application\n* It is not the \"final word.\"  PHPSecInfo identifies *potential* problems\n  and offers suggestions for improvement.  Your environment may _require_\n  certain settings that trigger cautions or warnings.\n\n\n### HOW DO I USE PHPSECINFO?\n\nThe simplest way:\n\n* Uncompress and upload the contents of the archive to your web server's\n  document root\n* Open a browser and view the index.php file where you've uploaded the files\n  (probably something like http://www.yourdomain.com/phpsecinfo/index.php)\n\n\n### WHAT DO I DO IF I GET A NOTICE OR WARNING?\n\nRead the explanation of the result carefully.  Research the issue on-line\n-- resources like the php.net official docs and the PHP Security Guide are\nvery useful.  Investigate why your environment is set up in such a way.  If\nthere's not a compelling reason to keep it as-is, you should probably\n\nA by no means comprehensive list of resources to get your started:\n\nWeb Sites:\nhttp://www.php.net/manual/en/security.php\nhttp://phpsec.org/projects/guide/\n\nBooks:\nhttp://phparch.com/pgps\nhttp://phpsecurity.org/\nhttp://apachesecurity.net/\n\n\n### HOW CAN I CUSTOMIZE THE OUTPUT OF PHPSECINFO?\n\nPHPSecInfo is intended to be used as a self-contained tool.  However, you\ncan obtain the test results in an array and then present this data in your\npreferred format.\n\nExample:\n\u003ccode\u003e\nrequire_once('PhpSecInfo/PhpSecInfo.php');\n// instantiate the class\n$psi = new PhpSecInfo();\n\n// load and run all tests\n$psi-\u003eloadAndRun();\n\n// grab the results as a multidimensional array\n$results = $psi-\u003egetResultsAsArray();\necho \"\u003cpre\u003e\"; echo print_r($results, true); echo \"\u003c/pre\u003e\";\n\n// grab the standard results output as a string\n$html = $psi-\u003egetOutput();\n\n// send it to the browser\necho $html;\n\u003c/code\u003e\n\n\n### HOW CAN I OFFER FEEDBACK, REPORT BUGS, COMPLAIN, ETC.?\n\nThe best way is to subscribe to and post on the PHPSecInfo Mailing List:\n\nhttp://lists.phpsec.org/mailman/listinfo/phpsecinfo\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffunkatron%2Fphpsecinfo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffunkatron%2Fphpsecinfo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffunkatron%2Fphpsecinfo/lists"}