Insecure Configuration

Why is this important?

PHP mostly adheres to secure defaults, but there are ways to introduce configuration issues.

Fixing Insecure Configuration

Option B: Remove phpinfo()

  1. Go through the issues that GuardRails identified in the PR.
  2. Remove the code that has this pattern:

     phpinfo();
    
  3. Test it

  4. Ship it 🚢 and relax 🌴

More information: