Possible to view PHP code of a website?

php html linux security
112,844

Solution 1

A bug or security vulnerability in the server (either Apache or the PHP engine), or your own PHP code, might allow an attacker to obtain access to your code.

For instance if you have a PHP script to allow people to download files, and an attacker can trick this script into download some of your PHP files, then your code can be leaked.

Since it's impossible to eliminate all bugs from the software you're using, if someone really wants to steal your code, and they have enough resources, there's a reasonable chance they'll be able to.

However, as long as you keep your server up-to-date, someone with casual interest is not able to see the PHP source unless there are some obvious security vulnerabilities in your code.

Read the Security section of the PHP manual as a starting point to keeping your code safe.

Solution 2

By using exploits or on badly configured servers it could be possible to download your PHP source. You could however either obfuscate and/or encrypt your code (using Zend Guard, Ioncube or a similar app) if you want to make sure your source will not be readable (to be accurate, obfuscation by itself could be reversed given enough time/resources, but I haven't found an IonCube or Zend Guard decryptor yet...).

Share:
112,844
Admin
Author by

Admin

Updated on March 13, 2020

Comments

  • Admin
    Admin about 4 years

    Is it possible to somehow view another websites php files/codes?

    Or to rephrase the question, Can my php codes be viewed by anybody except for those who have access to the file?

    If so, how can I best prevent this?

    Ps: Server OS is Ubuntu 9.10 and PHP version is 5+ (Apache2)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

MIME Type spoofing
How Mega does to save a file to harddrive without requiring permission
Using PHP inside .html files not working as expected
The MD5 hash value is different from Bash and PHP
code injected inside PHP file with 777 permission
Securing file system for secure SFTP server
What permissions / ownership to set on PHP Sessions Folder when running FastCGI / PHP-FPM (as user "nobody")?
What user should apache and PHP be running as? What permissions should /var/www files have?
How do I disable functions on servers for particular directories?
Prevent hidden input from being altered