PhpSecInfo 是一個類似 phpinfo() 的東西,不同的是它會列出你PHP 環境設定中存在的安全問題並給出一些建議。
PhpSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. It is not a replacement for secure development techniques, and does not do any kind of code or app auditing, but can be a useful tool in a multilayered security approach.
PhpSecInfo is released under the "New BSD" license. View the LICENSE file for more details
We encourage interested PHP developers to:
In the near future we'll sort out bug reporting tools and hopefully public SVN access. We do have a mailing list set up for public discussion at: