{"id":848,"date":"2004-05-17T10:08:26","date_gmt":"2004-05-17T08:08:26","guid":{"rendered":"\/\/?p="},"modified":"2004-05-17T10:08:26","modified_gmt":"2004-05-17T08:08:26","slug":"hardened-php","status":"publish","type":"post","link":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/","title":{"rendered":"hardened php"},"content":{"rendered":"<p>il progetto <a href=\"http:\/\/www.hardened-php.net\/documentation.php\">hardened php<\/a> nasce dal desiderio di rendere particolarmente sicura l&#8217;implementazione di php su server di alta fascia, il progetto fa s\u00ec che PHP riesca a <em>proteggersi da solo<\/em> da eventuali script mal realizzati (o realizzati per far eseguire particolari exploit di memoria).<\/p>\n<blockquote><p>Hardened-PHP adds security hardening features to PHP to protect your<br \/>\nservers on the one hand against a number of well known problems in<br \/>\nhastily written PHP scripts and on the other hand against potential<br \/>\nunknown vulnerabilities within the engine itself.<\/p><\/blockquote>\n<p>ciuaz<\/p>\n","protected":false},"excerpt":{"rendered":"<p>il progetto hardened php nasce dal desiderio di rendere particolarmente sicura l&#8217;implementazione di php su server di alta fascia, il progetto fa s\u00ec che PHP riesca a proteggersi da solo da eventuali script mal realizzati (o realizzati per far eseguire particolari exploit di memoria). Hardened-PHP adds security hardening features to PHP to protect your servers [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[9,5],"tags":[],"class_list":["post-848","post","type-post","status-publish","format-standard","hentry","category-php","category-tecnologia"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>hardened php - Fullo<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"hardened php - Fullo\" \/>\n<meta property=\"og:description\" content=\"il progetto hardened php nasce dal desiderio di rendere particolarmente sicura l&#8217;implementazione di php su server di alta fascia, il progetto fa s\u00ec che PHP riesca a proteggersi da solo da eventuali script mal realizzati (o realizzati per far eseguire particolari exploit di memoria). Hardened-PHP adds security hardening features to PHP to protect your servers [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/\" \/>\n<meta property=\"og:site_name\" content=\"Fullo\" \/>\n<meta property=\"article:published_time\" content=\"2004-05-17T08:08:26+00:00\" \/>\n<meta name=\"author\" content=\"Francesco Fullone\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@fullo\" \/>\n<meta name=\"twitter:site\" content=\"@fullo\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesco Fullone\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2004\\\/05\\\/17\\\/hardened-php\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2004\\\/05\\\/17\\\/hardened-php\\\/\"},\"author\":{\"name\":\"Francesco Fullone\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#\\\/schema\\\/person\\\/24e91bc6caea6c411a8668df5639428c\"},\"headline\":\"hardened php\",\"datePublished\":\"2004-05-17T08:08:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2004\\\/05\\\/17\\\/hardened-php\\\/\"},\"wordCount\":88,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#\\\/schema\\\/person\\\/24e91bc6caea6c411a8668df5639428c\"},\"articleSection\":[\"php\",\"tecnologia\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2004\\\/05\\\/17\\\/hardened-php\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2004\\\/05\\\/17\\\/hardened-php\\\/\",\"url\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2004\\\/05\\\/17\\\/hardened-php\\\/\",\"name\":\"hardened php - Fullo\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#website\"},\"datePublished\":\"2004-05-17T08:08:26+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2004\\\/05\\\/17\\\/hardened-php\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2004\\\/05\\\/17\\\/hardened-php\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/2004\\\/05\\\/17\\\/hardened-php\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"hardened php\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/\",\"name\":\"Fullo\",\"description\":\"nulla e&#039; impossibile per chi non lo deve fare!\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#\\\/schema\\\/person\\\/24e91bc6caea6c411a8668df5639428c\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/#\\\/schema\\\/person\\\/24e91bc6caea6c411a8668df5639428c\",\"name\":\"Francesco Fullone\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/www.fullo.net\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/www.fullo.net\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.fullo.net\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1\",\"width\":622,\"height\":622,\"caption\":\"Francesco Fullone\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/www.fullo.net\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1\"},\"sameAs\":[\"http:\\\/\\\/www.fullo.net\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/fullo\",\"https:\\\/\\\/x.com\\\/fullo\"],\"url\":\"https:\\\/\\\/www.fullo.net\\\/blog\\\/author\\\/fullo\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"hardened php - Fullo","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/","og_locale":"en_US","og_type":"article","og_title":"hardened php - Fullo","og_description":"il progetto hardened php nasce dal desiderio di rendere particolarmente sicura l&#8217;implementazione di php su server di alta fascia, il progetto fa s\u00ec che PHP riesca a proteggersi da solo da eventuali script mal realizzati (o realizzati per far eseguire particolari exploit di memoria). Hardened-PHP adds security hardening features to PHP to protect your servers [&hellip;]","og_url":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/","og_site_name":"Fullo","article_published_time":"2004-05-17T08:08:26+00:00","author":"Francesco Fullone","twitter_card":"summary_large_image","twitter_creator":"@fullo","twitter_site":"@fullo","twitter_misc":{"Written by":"Francesco Fullone"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/#article","isPartOf":{"@id":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/"},"author":{"name":"Francesco Fullone","@id":"https:\/\/www.fullo.net\/blog\/#\/schema\/person\/24e91bc6caea6c411a8668df5639428c"},"headline":"hardened php","datePublished":"2004-05-17T08:08:26+00:00","mainEntityOfPage":{"@id":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/"},"wordCount":88,"commentCount":0,"publisher":{"@id":"https:\/\/www.fullo.net\/blog\/#\/schema\/person\/24e91bc6caea6c411a8668df5639428c"},"articleSection":["php","tecnologia"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/","url":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/","name":"hardened php - Fullo","isPartOf":{"@id":"https:\/\/www.fullo.net\/blog\/#website"},"datePublished":"2004-05-17T08:08:26+00:00","breadcrumb":{"@id":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.fullo.net\/blog\/2004\/05\/17\/hardened-php\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.fullo.net\/blog\/"},{"@type":"ListItem","position":2,"name":"hardened php"}]},{"@type":"WebSite","@id":"https:\/\/www.fullo.net\/blog\/#website","url":"https:\/\/www.fullo.net\/blog\/","name":"Fullo","description":"nulla e&#039; impossibile per chi non lo deve fare!","publisher":{"@id":"https:\/\/www.fullo.net\/blog\/#\/schema\/person\/24e91bc6caea6c411a8668df5639428c"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.fullo.net\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.fullo.net\/blog\/#\/schema\/person\/24e91bc6caea6c411a8668df5639428c","name":"Francesco Fullone","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/www.fullo.net\/blog\/wp-content\/uploads\/2024\/10\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1","url":"https:\/\/i0.wp.com\/www.fullo.net\/blog\/wp-content\/uploads\/2024\/10\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.fullo.net\/blog\/wp-content\/uploads\/2024\/10\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1","width":622,"height":622,"caption":"Francesco Fullone"},"logo":{"@id":"https:\/\/i0.wp.com\/www.fullo.net\/blog\/wp-content\/uploads\/2024\/10\/hawiaina-gold-circled-white.png?fit=622%2C622&ssl=1"},"sameAs":["http:\/\/www.fullo.net","https:\/\/www.linkedin.com\/in\/fullo","https:\/\/x.com\/fullo"],"url":"https:\/\/www.fullo.net\/blog\/author\/fullo\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p3OSc1-dG","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":1516,"url":"https:\/\/www.fullo.net\/blog\/2005\/07\/13\/php-security\/","url_meta":{"origin":848,"position":0},"title":"php security","author":"Francesco Fullone","date":"13\/07\/2005","format":false,"excerpt":"su Hardened-PHP e sul blog di Shiflett si discute di possibili bug nella guida alla programmazione sicura pubblicata dallo stesso Shiflett per il phpSec Consortium ciuaz","rel":"","context":"In &quot;php&quot;","block_context":{"text":"php","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/php\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2165,"url":"https:\/\/www.fullo.net\/blog\/2006\/12\/31\/php-e-sicurezza\/","url_meta":{"origin":848,"position":1},"title":"PHP e sicurezza","author":"Francesco Fullone","date":"31\/12\/2006","format":false,"excerpt":"Ultimamente vuoi per viaggi e vuoi per lavoro ho tralasciato uno degli argomenti principali del mio blog il PHP. Me ne scuso con i miei lettori facendo un piccolo resoconto su quello che \u00e8 successo negli ultimi mesi in ambito sicurezza. Innanzitutto Stefen Esser ha lasciato il gruppo relativo alla\u2026","rel":"","context":"In &quot;php&quot;","block_context":{"text":"php","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/php\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1876,"url":"https:\/\/www.fullo.net\/blog\/2006\/02\/16\/php-day-il-call-for-paper-e-aperto\/","url_meta":{"origin":848,"position":2},"title":"PHP Day il call for paper \u00e8 aperto!","author":"Francesco Fullone","date":"16\/02\/2006","format":false,"excerpt":"Come annunciato qualche giorno fa \u00e8 stato aperto ufficialmente il call for paper del phpDay. Se volete discutere di php davanti ad un centinaio di persone e pensate di avere buone argomentazioni mandateci qualche info. Durante la manifestazione ci saranno 2 differenti percorsi di talk (tenuti parallelamente in due aulee):\u2026","rel":"","context":"In &quot;php&quot;","block_context":{"text":"php","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/php\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2108,"url":"https:\/\/www.fullo.net\/blog\/2006\/11\/04\/aggiornate-php-e-fatelo-in-fretta\/","url_meta":{"origin":848,"position":3},"title":"Aggiornate PHP, e fatelo in fretta&#8230;","author":"Francesco Fullone","date":"04\/11\/2006","format":false,"excerpt":"E' stata rilevato un bug abbastanza grave che permette di usare htmlentities() e htmlspecialchars() per eseguire codice remoto su un server (maggiori info su hardened-php). Siccome quelle due funzioni sono alla base di tutti i metodi di parsing e protezione contro XSS sono normalmente usate ovunque. Su PHP.net trovate le\u2026","rel":"","context":"In &quot;php&quot;","block_context":{"text":"php","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/php\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1703,"url":"https:\/\/www.fullo.net\/blog\/2005\/10\/20\/links-sparsi\/","url_meta":{"origin":848,"position":4},"title":"links sparsi","author":"Francesco Fullone","date":"20\/10\/2005","format":false,"excerpt":"E' stata (finalmente) rilasciata la versione 2.0 di OpenOffice.org nessuna novit\u00e0 dalle ultime 3 rc se non qualche bugfix. Ubuntu diventa anche server, Canonical ha infatti rilasciato una versione specifica per il mondo server dell'ultima nata Breezy. Firefox raggiunge i 100 milioni di download, complimenti! :) VmWare ha rilasciato VmPlayer,\u2026","rel":"","context":"In &quot;linux&quot;","block_context":{"text":"linux","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/linux\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":854,"url":"https:\/\/www.fullo.net\/blog\/2004\/05\/21\/phplinks-php-gacl\/","url_meta":{"origin":848,"position":5},"title":"php::Links (&#8216;PHP-GACL&#8217;);","author":"Francesco Fullone","date":"21\/05\/2004","format":false,"excerpt":"se volete realizzare da zero un'applicazione multiutente e non sapete come far gestire i permessi nelle varie aree di lettura\/scrittura\/modifica vi consiglio lo studio delle librerie PHP-GACL: A PHP class offering Web developers a simple, yet immensely powerful \"drop in\" permission system to their current Web based applications. il progetto\u2026","rel":"","context":"In &quot;tecnologia&quot;","block_context":{"text":"tecnologia","link":"https:\/\/www.fullo.net\/blog\/category\/tecnologia\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/posts\/848","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/comments?post=848"}],"version-history":[{"count":0,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/posts\/848\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/media?parent=848"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/categories?post=848"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fullo.net\/blog\/wp-json\/wp\/v2\/tags?post=848"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}