Avoid insecure PHP FTP/SMTP or plaintext transport patterns | Critiq Docs

#Metadata

Rule ID: php.security.insecure-mail-or-file-transport
Severity: medium
Confidence: 0.72
Languages: php
Presets: security, strict
Stability: experimental
Applies to: block
Tags: php, rules-catalog, security, transport

#Why it matters

Unencrypted transfer channels expose credentials and payloads to interception or tampering.

#Remediation

Use encrypted transport endpoints and modern client libraries with certificate validation enabled.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/php/php.security.insecure-mail-or-file-transport.rule.yaml.

Back to directory Open rule in repository