PhpSecInfo 是一个类似 phpinfo() 的东西，不同的是它会列出你PHP 环境设定中存在的安全问题并给出一些建议。

PhpSecInfo

What is it?

PhpSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. It is not a replacement for secure development techniques, and does not do any kind of code or app auditing, but can be a useful tool in a multilayered security approach.

License

PhpSecInfo is released under the "New BSD" license. View the LICENSE file for more details

Contributing

We encourage interested PHP developers to:

• propose new tests
• write tests
• write documentation
• ask questions
• offer suggestions and feedback

In the near future we'll sort out bug reporting tools and hopefully public SVN access. We do have a mailing list set up for public discussion at: