1.2.808. No Hardcoded Port

When connecting to a remove server, port is an important information. It is recommended to make this configurable (with constant or configuration), to as to be able to change this value without changing the code.

<?php

    // Both configurable IP and hostname
    $connection = ssh2_connect($_ENV['SSH_HOST'], $_ENV['SSH_PORT'], $methods, $callbacks);

    // Both hardcoded IP and hostname
    $connection = ssh2_connect('shell.example.com', 22, $methods, $callbacks);

    if (!$connection) die('Connection failed');
?>

1.2.808.1. Connex PHP features

• port

1.2.808.1.1. Suggestions

• Move the port to a configuration file, an environment variable

1.2.808.1.2. Specs

Short name	Structures/NoHardcodedPort
Rulesets	All, Analyze, Changed Behavior, Security
Exakat since	0.8.4
PHP Version	All
Severity	Minor
Time To Fix	Quick (30 mins)
Precision	Very high
Examples	WordPress
Available in	Entreprise Edition, Exakat Cloud