Skip to content

PHP magic bytes (.php)

.php file signature: 3C 3F 70 68 70 | text/x-php

Category: Source Code

PHP is a server-side scripting language and file format originally created by Rasmus Lerdorf and now maintained by the PHP Group. It is used to build dynamic web pages, content management systems, web applications, and command-line automation scripts, and is commonly embedded within HTML. PHP code should be reviewed before execution because it can access files, databases, and network resources, making untrusted scripts a security risk.

Safe

Magic Bytes

Offset 0
3C 3F 70 68 70

Sources: Apache Tika

Extension

.php

MIME Type

text/x-php

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .php files in Python

Python 
def is_php(file_path: str) -> bool:
    """Check if file is a valid PHP by magic bytes."""
    signature = bytes([0x3C, 0x3F, 0x70, 0x68, 0x70])
    with open(file_path, "rb") as f:
        return f.read(5) == signature

How to validate .php files in Node.js

Node.js 
function isPHP(buffer: Buffer): boolean {
  const signature = Buffer.from([0x3C, 0x3F, 0x70, 0x68, 0x70]);
  return buffer.subarray(0, 5).equals(signature);
}

How to validate .php files in Go

Go 
func IsPHP(data []byte) bool {
    signature := []byte{0x3C, 0x3F, 0x70, 0x68, 0x70}
    if len(data) < 5 {
        return false
    }
    return bytes.Equal(data[:5], signature)
}

API Endpoint

GET /api/v1/php
curl https://filesignature.org/api/v1/php

See the full API documentation for all endpoints and parameters.

Related Formats

.awk .php3 .php4 .pl .pm .py

Frequently Asked Questions

What is a .php file?

A .php file is identified by the magic bytes 3C 3F 70 68 70 at byte offset 0. PHP is a server-side scripting language and file format originally created by Rasmus Lerdorf and now maintained by the PHP Group. It is used to build dynamic web pages, content management systems, web applications, and command-line automation scripts, and is commonly embedded within HTML. PHP code should be reviewed before execution because it can access files, databases, and network resources, making untrusted scripts a security risk.

What are the magic bytes for .php files?

The magic bytes for PHP (.php) files are 3C 3F 70 68 70 at byte offset 0. These bytes identify the file format more reliably than the extension alone.

How do I validate a .php file?

To validate a .php file, read the first bytes of the file and compare them against the known magic bytes (3C 3F 70 68 70) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.

What is the MIME type for .php files?

The primary MIME type for .php files is text/x-php.

Is it safe to open .php files?

PHP (.php) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.