PhpSecInfo 是一個類似 phpinfo() 的東西，不同的是它會列出你PHP 環境設定中存在的安全問題並給出一些建議。

PhpSecInfo

What is it?

PhpSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. It is not a replacement for secure development techniques, and does not do any kind of code or app auditing, but can be a useful tool in a multilayered security approach.

License

PhpSecInfo is released under the "New BSD" license. View the LICENSE file for more details

Contributing

We encourage interested PHP developers to:

• propose new tests
• write tests
• write documentation
• ask questions
• offer suggestions and feedback

In the near future we'll sort out bug reporting tools and hopefully public SVN access. We do have a mailing list set up for public discussion at: