🔒 Server Security Audit

PHP Security Configuration & Vulnerability Assessment

PHP Version Information

PHP Version: 8.4.13

OK: PHP version is current

Open Base Dir Protection

PROTECTED: open_basedir is configured

/home/t91/:/tmp/:/var/tmp/:/opt/alt/php84/usr/share/pear/:/dev/urandom:/usr/local/php84/lib/:/usr/local/php84/lib/:/usr/local/lib/php/

PHP file access is restricted to the directories listed above.

Dangerous Functions Analysis

High Risk

Function        Status
exec()          DISABLED
shell_exec()    DISABLED
system()        DISABLED
passthru()      DISABLED
popen()         DISABLED
proc_open()     DISABLED
pcntl_exec()    DISABLED

Medium Risk

Function             Status
eval()               DISABLED
assert()             ENABLED
create_function()    DISABLED
include()            DISABLED
require()            DISABLED

File Operations

Function               Status
file_get_contents()    ENABLED
file_put_contents()    ENABLED
fopen()                ENABLED
readfile()             ENABLED
unlink()               ENABLED

Information Disclosure

Function              Status
phpinfo()             ENABLED
posix_getpwuid()      DISABLED
getenv()              ENABLED
get_current_user()    ENABLED

Disabled Functions List

exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname

PHP Security Settings

Setting                    Current Value    Recommended    Status
display_errors             Empty            0              INSECURE
expose_php                 Empty            Off            INSECURE
allow_url_fopen            1                Off            INSECURE
allow_url_include          Empty            Off            INSECURE
register_globals           Not Set          Off            INSECURE
magic_quotes_gpc           Not Set          Off            INSECURE
session.cookie_httponly    Empty            1              INSECURE
session.cookie_secure      0                1              INSECURE
session.use_strict_mode    0                1              INSECURE

File System Access Tests

Common System File Access Tests

Testing if PHP can read sensitive system files outside the user directory:

✗ /etc/passwd - File does not exist or access denied
✗ /etc/shadow - File does not exist or access denied
✗ /etc/hosts - File does not exist or access denied
✗ /etc/apache2/apache2.conf - File does not exist or access denied
✗ /etc/nginx/nginx.conf - File does not exist or access denied
✗ /etc/my.cnf - File does not exist or access denied
✗ /etc/mysql/my.cnf - File does not exist or access denied
✗ /var/log/apache2/error.log - File does not exist or access denied
✗ /var/log/nginx/error.log - File does not exist or access denied
✗ /proc/version - File does not exist or access denied
✗ /root/.bash_history - File does not exist or access denied
✗ /home - File does not exist or access denied

Write Access Tests

Testing if PHP can write to directories outside the user directory:

✓ /tmp - Directory is writable
✓ /var/tmp - Directory is writable
✗ /var/www - Directory is not writable
✗ /etc - Directory is not writable
✗ /root - Directory is not writable

Directory Listing Tests - /tmp and /var/tmp

Attempting to list files in temporary directories:

/tmp

✓ Directory is accessible and readable

Files found: 62
Attempting to Read Files in /tmp
✓ Successfully read: rate_limit_49fade7a0002e811b871e2b8eced854e (56 bytes read)
Preview: [1763237114,1763237126,1763237129,1763237132,1763237142]
✓ Successfully read: rate_limit_ff52e40926d4bb3dce48504cd20463ac (12 bytes read)
Preview: [1762858937]
✗ Cannot read: sess_037f7f86a4298f064e9edf852ae85f48 (Permission denied)
✗ Cannot read: sess_07f82f75d6120deecf09ca737b4f744c (Permission denied)
✗ Cannot read: sess_123209e0f5696217cd6fd3c284c3f8c5 (Permission denied)
✗ Cannot read: sess_1296f8144f2335a9827b15071d0d4b9b (Permission denied)
✗ Cannot read: sess_1496386cf795bc55eb37ee8e4c2cee76 (Permission denied)
✗ Cannot read: sess_184da27453cbb0e9e51273aaea7fa888 (Permission denied)
✗ Cannot read: sess_2cffb5905f4a766ea6180c1c76413e56 (Permission denied)
✗ Cannot read: sess_2d2ce27fcbd71628366ac07ad3781f4a (Permission denied)

Summary: Successfully read 2 out of 10 tested files


/var/tmp

✓ Directory is accessible and readable

Files found: 2
Attempting to Read Files in /var/tmp

Current Directory Information

Current Working Directory: /home/t91/domains/surround-flash-9d7a403c-91.app.omni-coder.com/public_html
Document Root: /home/t91/domains/surround-flash-9d7a403c-91.app.omni-coder.com/private_html
Script Filename: /home/t91/domains/surround-flash-9d7a403c-91.app.omni-coder.com/private_html/index.php
Current User: t91
User ID: 1019
Group ID: 1020

Server Information

Parameter           Value
Server Software     Apache/2
Server Name         surround-flash-9d7a403c-91.app.omni-coder.com
Server Protocol     HTTP/1.0
PHP SAPI            fpm-fcgi
Operating System    Linux
Server Admin        webmaster@surround-flash-9d7a403c-91.app.omni-coder.com
Document Root       /home/t91/domains/surround-flash-9d7a403c-91.app.omni-coder.com/private_html

Loaded PHP Extensions

• Core
• FFI
• PDO
• Phar
• Reflection
• SPL
• SimpleXML
• bcmath
• calendar
• cgi-fcgi
• ctype
• curl
• date
• dom
• exif
• fileinfo
• filter
• ftp
• gd
• gettext
• hash
• iconv
• intl
• json
• libxml
• mbstring
• mysqli
• mysqlnd
• openssl
• pcre
• pdo_mysql
• pdo_sqlite
• posix
• random
• session
• shmop
• soap
• sockets
• sodium
• sqlite3
• standard
• sysvmsg
• sysvsem
• sysvshm
• tokenizer
• xml
• xmlreader
• xmlwriter
• xsl
• zip
• zlib

Security Summary

No major vulnerabilities detected

The server appears to have reasonable security configurations in place.