PHP语言以其强大的功能在动态网站建设中得到广泛应用,但因其本身的缺陷以及开发人员的安全意识不足,使得PHP网站存在各种Web安全漏洞.同时,随着网站信息量的增加,不仅Web应用服务器的负担随之增加,而且不利于提高网站内容被搜索引擎搜索到的几率.为此结合信息发布系统的开发经验,讨论PHP网站常见的安全漏洞以及相应的防范策略,确保系统安全,同时对全站静态化技术进行详细介绍,大大提高了Web服务器的运行效率.%PHP is widely used in construction of dynamic website due to its powerful function, but various security vulnerabilities exsit still in PHP website because of its defects and the lack of developers' safety awareness. Meanwhile, with the increase of website information, not only the workload of WEB application server grows, but also the probability that the contents in the website are found by search engine is reduced. In combination with the experience of developing the information distribution system, common security vulnerabilities of PHP website and the corresponding prevention strategies ensuring the safety of the system are discussed. The static technology of website is described in detail. It greatly improves the operating efficiency of WEB server.
展开▼
