www.example.com/home.php
I'd add php to the server's indexing configuration and rename home.php as index.php so you can just do
www.example.com/
then remove all specific links to /index.php,
<a href="/index.php">Home</a>
change them to
<a href="/">Home</a>
For other pages, though, it won't make it more difficult to hack, but it will make it more memorable for your visitors and help your search engine ranking (if other things are in place with it). The answer lies in mod_rewrite, well discussed in the Apache forum. An example: if you currently have
<a href="/about.php">About</a>
You can create an .htaccess rule like this:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^About$ /about.php [L]
</IfModule>
Then change your links to
<a href="/About">About</a>
And the URL in the address bar will display
www.example.com/About
but it will execute about.php.
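The setup this post describes (index.php served for `/`, plus extensionless URLs through mod_rewrite), generalized to any top-level page, as an added example that is not part of the original post. It assumes Apache 2.4 with mod_dir and mod_rewrite, an .htaccess file in the document root, and URLs that match the script's file name case (so /about rather than /About on a case-sensitive filesystem).

```apache
# Added example, not from the thread. Assumes AllowOverride permits these
# directives in the document root's .htaccess.

# Serve index.php when a directory (including the site root) is requested.
DirectoryIndex index.php index.html

<IfModule mod_rewrite.c>
    RewriteEngine On

    # Redirect external requests for /index.php to / so old links settle on
    # one canonical URL. THE_REQUEST holds the client's original request line,
    # so the internal DirectoryIndex lookup for / does not trigger a loop.
    RewriteCond %{THE_REQUEST} ^[A-Z]+\s/index\.php[?\s]
    RewriteRule ^index\.php$ / [R=301,L]

    # Map an extensionless URL such as /about to /about.php, but only when
    # that script exists. The character class excludes dots and slashes, so
    # the rule cannot be steered to other directories or file types, and the
    # rewritten /about.php does not match the rule a second time.
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{DOCUMENT_ROOT}/$1.php -f
    RewriteRule ^([A-Za-z0-9_-]+)$ /$1.php [L]
</IfModule>

# Cosmetic only: /about.php is still directly requestable and runs the same
# code, so nothing here changes what the script accepts or exposes.
```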
Your best bet of preventing hacks is:
- To maintain a properly configured firewall and other security software on your server.
- To keep aforementioned software up to date, as well as any versions of PHP etc. you are running, and the operating system too.
- To adhere to good practice in all use of passwords (length, lower case, upper case, numbers and symbols).
- To never disclose any security information to anyone, unless you feel very strongly that you can trust them.
- To change security information on a semi-regular basis (every 6-8 weeks).
There are other practices for maintaining server security as well; however, following these rules will prevent the larger percentage of potential hackers gaining access to your files.
So how will I make it difficult for hackers to hack my site since PHP is so hackerable?
PHP in itself is **not** all that vulnerable. There are some vulnerabilities that get turned over that are inherent in the releases; the incidents of hacks due to this level of vulnerability are far less than others. I am guessing now, but from the code I've seen, I'd be willing to bet that **most** of the hacks are due to how it's coded, not PHP itself.
Most of the "my site was hacked" threads will reveal someone downloading and installing a free open source solution (read: WordPress, cart solutions) and are so ecstatic that they got it running they don't bother to read all the silly mumbo jumbo about securing the installation. They leave all the directories and critical files at default locations and names, and hackers know just where to snoop for them. From there it's a simple brute force attack to get past what is likely an oversimplified password.
The other portion is mostly poorly coded homegrown apps, I'd bet on it.
PHP in itself is **not** all that vulnerable. There are some vulnerabilities that get turned over that are inherent in the releases; the incidents of hacks due to this level of vulnerability are far less than others. I am guessing now, but from the code I've seen, I'd be willing to bet that **most** of the hacks are due to how it's coded, not PHP itself.
Yeah, I actually saw a stat the other day RE PHP security (I don't remember exactly where) and 26% or 28% of all reported hacks for the last year (I think) were PHP, but only 1% were due to actual PHP vulnerabilities and comparable to other languages... The rest were due to the coding itself, where the person doing the coding did not understand, or for some other reason, did not take the steps necessary to secure the code they were writing.
I may not have the exact number and time period, but I know the direct PHP vulnerabilities only accounted for 1% of the overall hacks and the rest (which I remember thinking was a high percentage for a language - over 25%) was from the actual coding. No guess here. I really read the numbers a few days ago, which absolutely back up rocknbil's guess... Security is mainly in the hands and under the control of the coder.
[en.wikipedia.org...]
Original Source for Numbers: (It Looks Like)
[web.nvd.nist.gov...]
I'll let you dig through the cited resources on the Wikipedia page and the numbers on the Gov site if you feel the need. There are actually a couple other resources linked somewhere along the click-path I followed backing up the numbers on the Wikipedia page, so I'll go with them as a fairly good estimate.