Security
Running User
It is recommended to run webman as a user with lower permissions, for example the same user nginx runs as. The running user is set via the user and group options in config/server.php.
Similarly, the user for custom processes is specified through the user and group options in config/process.php.
Note that the monitor process should not have a running user set, since it needs elevated permissions to work properly.
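The following is an added example, not webman's own code: a small lint that checks the run-as settings described above. Only the user and group keys are from this page; the per-process array layout of config/process.php, the handler names and the sample values are assumptions.

```php
<?php
// Constructed sample standing in for config/server.php
$server = [
    'user'  => 'www-data',   // same unprivileged account nginx runs as (assumed)
    'group' => 'www-data',
];

// Constructed sample standing in for config/process.php (layout assumed)
$process = [
    'monitor'   => ['handler' => 'app\\process\\Monitor'],          // no user: keeps elevated rights
    'my_worker' => ['handler' => 'app\\process\\MyWorker',
                    'user' => 'www-data', 'group' => 'www-data'],
    'bad_task'  => ['handler' => 'app\\process\\BadTask', 'user' => 'root'],
];

/**
 * Returns a list of findings; an empty list means the run-as settings
 * follow the recommendations above.
 */
function checkRunUsers(array $server, array $process): array
{
    $findings = [];
    // '' means "do not switch user", so the process keeps the account that
    // started it (usually root when binding low ports); 'root' is explicit.
    $privileged = ['', 'root'];

    if (in_array($server['user'] ?? '', $privileged, true)) {
        $findings[] = "config/server.php: workers run as '" . ($server['user'] ?? '')
            . "'; set user/group to an unprivileged account";
    }
    foreach ($process as $name => $cfg) {
        if ($name === 'monitor') {
            if (isset($cfg['user']) || isset($cfg['group'])) {
                $findings[] = "config/process.php: 'monitor' must not set user/group;"
                    . " it needs elevated permissions";
            }
            continue;
        }
        if (in_array($cfg['user'] ?? '', $privileged, true)) {
            $findings[] = "config/process.php: process '$name' runs as '"
                . ($cfg['user'] ?? '') . "'; set user/group to an unprivileged account";
        }
    }
    return $findings;
}

foreach (checkRunUsers($server, $process) as $finding) {
    echo $finding, PHP_EOL;   // with the samples above, only 'bad_task' is reported
}
```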
Controller Specification
Only controller files should be placed in the controller directory or its subdirectories; other class files must not be put there. Otherwise, if the controller suffix is not enabled, those class files could be reached directly via URL, with unpredictable consequences.
For example, app/controller/model/User.php is actually a Model class but has been wrongly placed in the controller directory. If the controller suffix is not enabled, any method in User.php could be called through a URL like /model/user/xxx.
To rule this out completely, it is strongly recommended to enable the controller suffix so that controller files are explicitly marked as such.
XSS Filtering
To stay general-purpose, webman does not perform XSS escaping on requests.
Webman strongly recommends escaping for XSS at render time, rather than before storing data.
Template engines such as twig, blade, and think-template escape output automatically, so no manual escaping is needed.
Tip
If you escape for XSS before storing data, it is likely to cause compatibility issues with some application plugins.
Preventing SQL Injection
To prevent SQL injection, use an ORM such as illuminate/database or think-orm, and avoid assembling SQL strings by hand even when using them.
Nginx Proxy
When your application needs to be exposed to external users, it is strongly recommended to put an nginx proxy in front of webman. It can filter out some malformed or malicious HTTP requests and improves security. See the nginx proxy section for details.