PHP Questions & Answers – Website Security using PHP

This set of PHP Multiple Choice Questions & Answers (MCQs) focuses on “Website Security using PHP”.

1. Which one of the following statements should be used to disable just the fopen(), and file() functions?
a) disable_functions = fopen(), file()
b) disable_functions = fopen, file
c) functions_disable = fopen(), file()
d) functions_disable = fopen, file
View Answer

Answer: b
Explanation: You can set disable_functions equal to a comma-delimited list of function names that you want to disable.

2. Which one of the following statements should be used to disable the use of two classes administrator and janitor?
a) disable_classes = “administrator, janitor”
b) disable_classes = class administrator, class janitor
c) disable_classes = class “administrator”, class “janitor”
d) disable_class = class “administrator”, class “janitor”
View Answer

Answer: a
Explanation: There may be classes inside the libraries that you’d rather not make available. You can prevent the use of these classes with the disable_classes directive.

3. What is the default value of max_execution_time directive? This directive specifies how many seconds a script can execute before being terminated.
a) 10
b) 20
c) 30
d) 40
View Answer

Answer: c
Explanation: This can be useful to prevent users’ scripts from consuming too much CPU time. If max_execution_time is set to 0, no time limit will be set.

4. The memory_limit is only applicable if ________ is enabled when you configure PHP.
a) –enable-limit
b) -enable-memory-limit
c) –enable-memory-limit
d) -memory-limit
View Answer

Answer: c
Explanation: This directive specifies, in megabytes, how much memory a script can use. Default value: 128M.

5. Suppose all web material is located within the directory /home/www. To prevent users from viewing and manipulating files such as /etc/password, which one of the following statements should you use?
a) open_dir = “/home/www/”
b) open_dir = /home/www/
c) open_basedir = /home/www/
d) open_basedir = “/home/www/”
View Answer

Answer: d
Explanation: We can use open_basedir statement to define the paths from which we can access files using functions like fopen() and gzopen(). It is used to prevent users from viewing and manipulating files such as /etc/password.
Sanfoundry Certification Contest of the Month is Live. 100+ Subjects. Participate Now!

6. Which Apache directive outputs Apache’s server version, server name, port and compile-in modules?
a) ServerSignature
b) ServerName
c) ServerDetails
d) ServerInfo
View Answer

Answer: a
Explanation: It is capable of displaying output like: Apache/2.2.11 (Ubuntu) Server at localhost Port 80.

7. Which directive determines which degree of server details is provided if the ServerSignature directive is enabled?
a) ServerAddons
b) ServerExtra
c) ServerTokens
d) ServerDetails
View Answer

Answer: c
Explanation: Six options are available: Full, Major, Minimal, Minior, OS, and Prod. If it is set to Full ‘Apache/2.2.11 (Ubuntu) PHP/5.3.2 Server’ will be displayed.

8. Which directive should we disable to obscure the fact that PHP is being used on our server?
a) show_php
b) expose_php
c) print_php
d) info_php
View Answer

Answer: b
Explanation: Using the expose_php directive we can prevent PHP version details from being appended on our web server signature. When expose_php is disabled, the server signature will look like: Apache/2.2.11 (Ubuntu) Server.

9. Say I want to change the extension of a PHP file, which of the following statements should I edit to change from .php to .html in the httpd.conf file?
a) AddType application/x-httpd-php .php
b) AddType application/x-httpd-php .asp
c) AddType application/x-httpd-asp .php
d) AddType application/x-httpd-asp .asp
View Answer

Answer: a
Explanation: Just change the .php to .html and your extension will change. This is used for security purpose.

10. The developers of PHP deprecated the safe mode feature as of which PHP version.
a) PHP 5.1.0
b) PHP 5.2.0
c) PHP 5.3.0
d) PHP 5.3.1
View Answer

Answer: c
Explanation: This happened because safe mode often creates many problems as it resolves, largely due to the need for enterprise applications to use many of the features safe mode disables.

Sanfoundry Global Education & Learning Series – PHP Programming.

To practice all questions on PHP Programming, here is complete set of 1000+ Multiple Choice Questions and Answers on PHP.

If you find a mistake in question / option / answer, kindly take a screenshot and email to [email protected]

Subscribe to our Newsletters (Subject-wise). Participate in the Sanfoundry Certification contest to get free Certificate of Merit. Join our social networks below and stay updated with latest contests, videos, internships and jobs!

Youtube | Telegram | LinkedIn | Instagram | Facebook | Twitter | Pinterest
Manish Bhojasia - Founder & CTO at Sanfoundry
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He lives in Bangalore, and focuses on development of Linux Kernel, SAN Technologies, Advanced C, Data Structures & Alogrithms. Stay connected with him at LinkedIn.

Subscribe to his free Masterclasses at Youtube & discussions at Telegram SanfoundryClasses.