jimlongo - January 13th, 2010 02:19 GMT |
|
|
Edited by jimlongo on January 13th, 2010 02:23 GMT
Thanks Camil. That seems alright.
If anyone's interested I've put this in my php.ini file with no effect on ICT.
Note: may work or not depending on some of your server defaults
------ START CODE ------ allow_url_fopen = Off
register_globals = Off
expose_php = Off
magic_quotes_gpc = On
magic_quotes_sybase = Off
disable_functions = exec,shell_exec,passthru,system,show_source,proc_open, popen,parse_ini_file,dl
------ END CODE ------
and to protect your php.ini file put this in your .htaccess file
------ START CODE ------ # PROTECT php.ini file. <Files php.ini> order allow,deny deny from all </Files> ------ END CODE ------
and found this really good block for a lot of exploits, check out the article at http://perishablepress.com/press/2009/03/16/the-perishable-press-4g-blacklist/ (Perishable Press)
|
|
|
|
|
|
|