
Add extra layer of security by hiding PHP
by bernt & torsten
Why would you want to hide PHP?
It is a form of security if you running a popular web platform such as WordPress, Joomla or Drupal. You might want to hide the PHP as a form of security by obscurity which is a little bit of extra security to your server.
One way to hide PHP, to slow down an attacker who is attempting to discover weaknesses in your system. This is by setting expose_php to off in your php.ini file, this will reduce the amount of information available to an attacker.
Another tactic is to configure web servers such as apache to parse different filetypes through PHP, either with a .htaccess directive or in the apache configuration file itself. You can then use misleading file extensions:
Example #1 Hiding PHP as another language
# Make PHP code look like other code types AddType application/x-httpd-php .asp .py .pl
Or obscure it completely:
Example #2 Using unknown types for PHP extensions
# Make PHP code look like unknown types AddType application/x-httpd-php .bop .foo .133t
Or hide it as HTML code, which has a slight performance hit because all HTML will be parsed through the PHP
Example #3 Using HTML types for PHP extensions
# Make all PHP code look like HTML AddType application/x-httpd-php .htm .html
For this to work effectively, you must rename your PHP files with the above extensions.

Navigating the Procrastination Pitfalls of the AI Tool Explosion
Maintaining focus and productivity is crucial in an era defined by a constant influx of AI...

The Impact of Living Abroad on Pension Eligibility and Income
Understanding how pension systems interact becomes crucial when people work across multiple...

Tech Disillusionment
For four decades, I have worked in the tech industry. I started in the 1980s when computing...