duan02143 2011-10-24 17:53
浏览 36
已采纳

XDebug on Hosting - 安全?

I have a VPS account on which I set up a Linux server to host some customer websites, and to upload "previews" of websites before publishing them to the production server.

I develop the websites on my own machine (Windows) and do most of the testing there. Because of the difference in platform, sometimes problems appear on the Linux host, and I could use a debugging interface on that...

My question is how safe is it to have xdebug on a remote public server which would also be used for hosting production websites? Is it possible? Recommended? What do you think?

Thanks...

  • 写回答

2条回答 默认 最新

  • duanlinma5885 2011-10-24 20:43
    关注

    xdebug is perfectly safe on a remote instance as long as you set the xdebug.remote_host variable. Otherwise it is a MAJOR secuirty problem because it would allow the attacker to view any variable in memory during runtime. It could be used to obtain your mysql login or any other secret variables you may have.

    edit: A VPN is a good solution to keep leaking sensitive data over the net in plain text.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥120 计算机网络的新校区组网设计
  • ¥20 完全没有学习过GAN,看了CSDN的一篇文章,里面有代码但是完全不知道如何操作
  • ¥15 使用ue5插件narrative时如何切换关卡也保存叙事任务记录
  • ¥20 海浪数据 南海地区海况数据,波浪数据
  • ¥20 软件测试决策法疑问求解答
  • ¥15 win11 23H2删除推荐的项目,支持注册表等
  • ¥15 matlab 用yalmip搭建模型,cplex求解,线性化处理的方法
  • ¥15 qt6.6.3 基于百度云的语音识别 不会改
  • ¥15 关于#目标检测#的问题:大概就是类似后台自动检测某下架商品的库存,在他监测到该商品上架并且可以购买的瞬间点击立即购买下单
  • ¥15 神经网络怎么把隐含层变量融合到损失函数中?