Advise on hardening php



Any advise on what commands/functions to sensibly disable in php.ini...

Clearly some things should be turned off to prevent easy WP hacking, but not sure how aggressive to be - to avoid ending up breaking wordpress itself & common plugins...

Thanks for producing a truly awesome WP/NGINX site !




I will answer this probably at the month end.

We already have plan to write extensively about security aspects. Its just that we need to polish our internal guidelines so that they will be easy to follow.