Dynamo

JDW

16 Jul 2015, 8:42 am

Parsing HTML as PHP

I’ve read that there is a some small security advantage to obfuscating *.php files as *.html files. On Apache servers such can be accomplished by adding the following line to .htaccess:

AddType application/x-httpd-php .html

But are there performance and/or other disadvantages to doing that?

David Ledger

16 Jul 2015, 8:57 am

On 16 Jul 2015, at 09:42, JDW wrote:

I’ve read that there is a some small security advantage to obfuscating *.php files as *.html files. On Apache servers such can be accomplished by adding the following line to .htaccess:

AddType application/x-httpd-php .html

But are there performance and/or other disadvantages to doing that?

If you make that setting the server will have to pass all *.html files through php processing, regardless of whether they contain php code or not. That is all extra cpu cycles. It’s a long time since I built a web server, but it wouldn’t surprise me if it didn’t double or even triple the cpu cycles.

David