==== Securing PHP After Installation ====
After you have installed php you should go about securing php.
\\
One major issue with php.ini file the following entry. Please note, if the line below is commented out AND =0 is NOT specified then the server will default to the value =1
<sxh bash>
cgi.fix_pathinfo=1
</sxh>
You can find this entry in your php.ini with the following command:
<sxh bash>
grep 'cgi.fix_pathinfo' /etc/php.ini
</sxh>
Explanation: 
\\
When the value of cgi.fix_pathinfo=1 then the PHP interpreter will process files with similar file names rather than exact names. 
\\
For example, if the script mysript.php cannot be found the PHP interpreter will try to find a similar file name such as myscript.jpg and try to execute this.
\\
This is obviously a security risk.
\\
\\
Make sure you commend out cgi.fix_pathinfo=1
\\ 
Example:
<sxh bash>
;cgi.fix_pathinfo=1
</sxh>
And then add the following:
<sxh bash>
;cgi.fix_pathinfo=0
</sxh>
=== Testing ===
The following command can be used to view the value of php-fpm cgi.fix_pathinfo
<sxh bash>
php-fpm -i 2>&1 | grep 'pathinfo'
</sxh>