PHP is a powerful language, but certain functions can be abused by attackers to plant malware, run commands on the server, or steal your data.
Disabling dangerous functions is therefore an important defensive step.

Examples of dangerous functions:

exec(), shell_exec(), system(), passthru(), proc_open(), popen()

eval(), assert(), create_function()

phpinfo() (can reveal the PHP version and settings)

🔧 1️⃣ How to Disable Dangerous Functions

Make sure you have access to php.ini. Then remove or add functions in disable_functions:

; php.ini
disable_functions = exec,passthru,shell_exec,system,proc_open,popen,eval,assert,create_function,phpinfo


How to verify (run this with the same PHP binary your web server uses, because the CLI can load a different php.ini than mod_php or PHP-FPM):

php -i | grep disable_functions


On shared hosting, you can use .user.ini or .htaccess if you cannot edit php.ini:

; .user.ini
disable_functions = exec,passthru,shell_exec,system,proc_open,popen,eval,assert

🛠️ 2️⃣ Further Hardening
✅ Limit File Upload Execution

Make the uploads folder unable to execute PHP:

# Apache httpd with mod_php: turn the PHP engine off for the uploads directory
<Directory "/var/www/html/uploads">
    php_admin_flag engine off
</Directory>

✅ Perform Input Validation

Check all input that reaches your server (POST, GET, COOKIE):

<?php
// Allowlist approach: keep only the characters a username may contain, drop everything else.
$user_input = $_POST['username'] ?? '';
$clean = preg_replace("/[^a-zA-Z0-9_-]/", "", $user_input);
?>

🧰 3️⃣ Check Whether Dangerous Functions Are Still Usable

Here is a PHP script that shows you whether the dangerous functions can still be used:

<?php
// Compare the list from this post against what the loaded php.ini actually disables.
echo "Loaded php.ini: " . (php_ini_loaded_file() ?: 'none') . " (SAPI: " . php_sapi_name() . ")\n";
$disabled = array_map('trim', explode(',', (string) ini_get('disable_functions')));
$dangerous = ['exec','shell_exec','system','passthru','proc_open','popen','assert','create_function','phpinfo'];
foreach ($dangerous as $func) {
    if (in_array($func, $disabled, true) || !function_exists($func)) {
        echo "✅ Function $func is disabled (or does not exist in this PHP build).\n";
    } else {
        echo "⚠️ Function $func is still available and can be dangerous!\n";
    }
}
// eval is a language construct, not a function: function_exists('eval') is always false
// and disable_functions cannot block it, so it has to be found and removed from your code.
echo "ℹ️ eval cannot be disabled through disable_functions; audit your code for it.\n";
?>
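The check above only tells you what the runtime still allows. Because eval and the backtick operator are language constructs that disable_functions cannot block, the added example below (not code from the original post) scans PHP source with the tokenizer for calls to the functions listed in this post plus those two constructs, while ignoring method calls and string literals that merely contain the names. The sample source, the function names neighbour() and scanPhpSource(), and the constant DANGEROUS_FUNCTIONS are my own constructions.

```php
<?php
// Functions named in this post; eval and backticks are constructs and are handled separately.
const DANGEROUS_FUNCTIONS = ['exec', 'shell_exec', 'system', 'passthru', 'proc_open', 'popen', 'assert', 'create_function', 'phpinfo'];

// Nearest non-whitespace/comment token in direction $step: its id, or the literal character.
function neighbour(array $tokens, int $i, int $step)
{
    for ($j = $i + $step; isset($tokens[$j]); $j += $step) {
        $t = $tokens[$j];
        if (!is_array($t)) return $t;
        if (!in_array($t[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT], true)) return $t[0];
    }
    return null;
}

// Returns [[line, description], ...] for each risky call or construct found in $source.
function scanPhpSource(string $source): array
{
    $findings = [];
    $tokens = token_get_all($source);
    $line = 1;           // single-char tokens carry no line number; reuse the last one seen
    $inBacktick = false;
    foreach ($tokens as $i => $tok) {
        if ($tok === '`') {                       // backtick operator behaves like shell_exec()
            if (!$inBacktick) $findings[] = [$line, 'backtick operator (not blockable by disable_functions)'];
            $inBacktick = !$inBacktick;
        } elseif (is_array($tok)) {
            $line = $tok[2];
            if ($tok[0] === T_EVAL) $findings[] = [$line, 'eval (construct, not blockable by disable_functions)'];
            // PHP 8 tokenizes "\exec" as T_NAME_FULLY_QUALIFIED, PHP 7 as T_NS_SEPARATOR + T_STRING
            $isName = $tok[0] === T_STRING || (defined('T_NAME_FULLY_QUALIFIED') && $tok[0] === T_NAME_FULLY_QUALIFIED);
            if ($isName && in_array(strtolower(ltrim($tok[1], '\\')), DANGEROUS_FUNCTIONS, true)
                && neighbour($tokens, $i, 1) === '('      // an actual call, not a bare identifier
                && !in_array(neighbour($tokens, $i, -1),  // skip $obj->exec(), Foo::exec(), function exec()
                    [T_OBJECT_OPERATOR, T_DOUBLE_COLON, T_FUNCTION], true)) {
                $findings[] = [$line, strtolower(ltrim($tok[1], '\\')) . '()'];
            }
        }
    }
    return $findings;
}

// Constructed sample; expected findings: line 2 shell_exec(), line 3 eval, line 5 backtick operator.
$sample = "<?php\n"
    . "\$out = shell_exec('ls -l');  // reported\n"
    . "eval(\$code);                 // reported: construct\n"
    . "\$runner->system(\$job);      // method call: ignored\n"
    . "echo `uptime`;               // reported: backtick operator\n";
foreach (scanPhpSource($sample) as [$ln, $what]) {
    echo "line $ln: $what\n";
}
```

Run it against your own files by passing file_get_contents() of each .php file to scanPhpSource(); a finding for eval or backticks means disable_functions alone will not protect that code path.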

🔍 4️⃣ More Security Reminders

Update PHP regularly to get security patches.

Limit database and server privileges according to the least-privilege principle.

Enable a Web Application Firewall (WAF) such as ModSecurity or Cloudflare.

Back up your files before making major changes.

🌐 Resources & Help

Read the full article at: https://www.faulink.com