Parsing HTML as PHP

I’ve read that there is a some small security advantage to obfuscating *.php files as *.html files. On Apache servers such can be accomplished by adding the following line to .htaccess:

AddType application/x-httpd-php .html

But are there performance and/or other disadvantages to doing that?


dynamo mailing list
email@hidden
Update your subscriptions at:
https://freewaytalk.softpress.com/person/options

On 16 Jul 2015, at 09:42, JDW wrote:

I’ve read that there is a some small security advantage to obfuscating *.php files as *.html files. On Apache servers such can be accomplished by adding the following line to .htaccess:

AddType application/x-httpd-php .html

But are there performance and/or other disadvantages to doing that?

If you make that setting the server will have to pass all *.html files through php processing, regardless of whether they contain php code or not. That is all extra cpu cycles. It’s a long time since I built a web server, but it wouldn’t surprise me if it didn’t double or even triple the cpu cycles.

David


dynamo mailing list
email@hidden
Update your subscriptions at:
https://freewaytalk.softpress.com/person/options