PHP其实不过是Web服务器的一个模块功能，所以首先要保证Web服务器的安全。当然Web服务器要安全又必须是先保证系统安全，这样就扯远了，无穷无尽。PHP可以和各种Web服务器结合，这里也只讨论Apache。非常建议以chroot方式安装启动Apache，这样即使Apache和PHP及其脚本出现漏洞，受影响的也只有这个禁锢的系统，不会危害实际系统。但是使用chroot的Apache后，给应用也会带来一定的麻烦，比如连接mysql时必须用127.0.0.1地址使用tcp连接而不能用localhost实现socket连接，这在效率上会稍微差一点。还有mail函数发送邮件也是个问题，因为php.ini里的-PHP In fact, it is a module of the Web server function, so we must first ensure the security of the Web server. Of course, the Web server to be safe and must first ensure the safety of the system, so that you pull away, endless. PHP can be combined with a variety of Web servers, here only discuss Apache. Is highly recommended to install chroot start Apache, so that even if the Apache and PHP scr ipting vulnerability that affected only the detention system, will not harm the actual system. Use the chroot Apache to the application will also bring some trouble, such as mysql connection must be used with the 127.0.0.1 address the tcp connection rather than using localhost socket connection in efficiency will be a little bit worse. Mail function to send mail is also a problem, because the php.ini ...