<pre>=== Deep PHP Security Check (Hardened) ===
Generated: 2026-03-13T04:28:36+00:00


---- BASIC INFO ----
PHP Version : 8.2.30
SAPI        : fpm-fcgi
OS          : Linux liteserv-l1 5.15.0-171-generic #181-Ubuntu SMP Fri Feb 6 22:44:50 UTC 2026 x86_64
php.ini     : /etc/php/8.2/fpm/php.ini
open_basedir: /var/www/liteserver/e44de54a-2678-490b-911b-1249f92e576e/a70c56c4-89e0-428a-8108-83d820867e40/root:/tmp
User        : unavailable
Identity    : unavailable

---- INI HARDENING ----
[INFO] display_errors :: not available
[OK] log_errors :: On
[INFO] expose_php :: not available
[INFO] allow_url_include :: not available
[INFO] allow_url_fopen :: not available
[OK] session.use_strict_mode :: On
[INFO] session.cookie_httponly :: not available
[OK] session.cookie_secure :: On
[OK] phar.readonly :: On
[OK] session.cookie_samesite :: Lax
[WARN] include_path :: contains '.' which can enable local include confusion
[OK] auto_prepend_file :: not set
[OK] auto_append_file :: not set

---- DANGEROUS FUNCTION SURFACE ----
[OK] exec :: disabled/unavailable
[OK] system :: disabled/unavailable
[OK] shell_exec :: disabled/unavailable
[OK] passthru :: disabled/unavailable
[OK] proc_open :: disabled/unavailable
[OK] popen :: disabled/unavailable
[OK] pcntl_exec :: disabled/unavailable
[WARN] assert :: callable
[INFO] eval :: language construct; cannot be disabled via disable_functions
[OK] disable_functions :: exec, system, shell_exec, passthru, proc_open, popen, pcntl_exec

---- FILESYSTEM CHECK ----
[OK] temp dir :: /tmp
[INFO] temp dir writable :: yes
[INFO] script path :: /var/www/liteserver/e44de54a-2678-490b-911b-1249f92e576e/a70c56c4-89e0-428a-8108-83d820867e40/root/index.php
[WARN] script writable :: yes
[INFO] path check :: /etc/passwd not found
[INFO] path check :: /etc/shadow not found
[INFO] path check :: /root not found

---- PROCESS AND SYSTEM VISIBILITY ----
[OK] root listing :: blocked
[OK] process listing :: blocked
[OK] mount visibility :: blocked

---- ENVIRONMENT LEAK CHECK ----
[INFO] env count :: 37
  HOME = /var/www
  USER = www-data
[OK] sensitive env keys :: not detected

---- CONTAINER CHECK ----
[OK] docker env file :: not detected
[OK] cgroup visibility :: blocked/unavailable

---- EXTENSION CHECK ----
[OK] extension:openssl :: loaded
[OK] extension:sodium :: loaded
[OK] extension:mbstring :: loaded
[OK] extension:json :: loaded
[OK] xdebug :: not loaded

---- RESULT SUMMARY ----
Total checks : 42
OK           : 27
INFO         : 12
WARN         : 3
FAIL         : 0
Risk score   : 85/100 (higher is better)
Overall      : MEDIUM

Top findings:
 - [WARN] include_path :: contains '.' which can enable local include confusion
 - [WARN] assert :: callable
 - [WARN] script writable :: yes

=== END ===
</pre>