![](https://i.imgur.com/9UQ54uc.gif"){kind=small}
The first thing we need to do to ensure our application is secure is to make sure we check all the data entered by the visitor and act if it is not data expected by the application. The next step is to check if our application is secure, but how do we do that?
There is a project called phpsecinfo that checks the website for vulnerabilities in the phpinfo format. To use it, simply download it from the project's website, unzip it in a folder on our server (accessible from the web), and call the script from the browser.
We can also create our own script (assuming we have extracted it into the PhpSecInfo folder):
```php
<?php
require_once("PhpSecInfo/PhpSecInfo.php");
phpsecinfo();
?>
```
It is important to be very careful not to make it accessible to anyone (including search engine robots) as we would be exposing our vulnerabilities to the public.
There is a project called phpsecinfo that checks the website for vulnerabilities in the phpinfo format. To use it, simply download it from the project's website, unzip it in a folder on our server (accessible from the web), and call the script from the browser.
We can also create our own script (assuming we have extracted it into the PhpSecInfo folder):
```php
<?php
require_once("PhpSecInfo/PhpSecInfo.php");
phpsecinfo();
?>
```
It is important to be very careful not to make it accessible to anyone (including search engine robots) as we would be exposing our vulnerabilities to the public.