Best practices
As with any other part of the application, when you are dealing with security, there are some well-known best practices you need to follow or at least be aware of to avoid future issues. Here, you can find the most common ones related to web development.
File permissions and ownership
One of the most basic security mechanisms is file/folder permissions and ownership. Assuming that you are working on a Linux/Unix system, the main recommendation is to assign the ownership of your source code to the web server or PHP engine user. Regarding file permissions, you should be using the following setting:
- 500 permissions for directories (dr-x------): This setting prevents any accidental deletion or modification of files in the directory.
- 400 ...
Get PHP Microservices now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.