Insecure Configuration
Why is this important?
PHP mostly adheres to secure defaults, but there are ways to introduce configuration issues.
Check out this video for a high-level explanation:
Fixing Insecure Configuration
Option B: Remove phpinfo()
- Go through the issues that GuardRails identified in the PR.
- Remove the code that has this pattern:
phpinfo();
- Test it
- Ship it 🚢 and relax 🌴