3
Quote:
hervet wrote:
It seems ok for me.
Don't forget to secure your database too.
Thanks. Yes, the db is okay, I use Protector.
It was going to be way too much to define the php values in a php.ini, because we would need one in every path that had, at least an 'include' or 'require' in the php code. I did a quick glance, and counted no less than 78 paths that would need a modified php file, ...... no thanks, what a maintenance nightmare.
Fortunately, the server admin person was kind enough to modify the server wide php settings for me, as _most_ of those required by XOOPS and Protector are set correctly anyway.
The only one that isn't set (off) is allow_url_fopen , however the point raised in the first post is an issue, that is, the real need to have this set off. Also, server security is such that people who are trying exploits on the site, and trying to pass a remote file (by include "http" and the filename in the uri), are getting nowhere at all, they get a 403 or a 404.
In the process of reading some docs on suPHP, we found out that in php 5.3 , the use of .htaccess will again be available, at least, that's the way I read it.
NO to the Microsoft Office format as an ISO standard. Sign the
petition
