 |
|
|
|
|
|
|
|
|
|
|||||||
 |
|
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
|
|
2005-10-13, 05:03 PM
|
#1 | |
|
You can now put whatever you want in this space :)
Join Date: Oct 2004
Location: New Haven, CT
Posts: 985
 |
Quote:
Also, each of my domain requires a variant of the basic classes I use across all domains, so it's easier for me to use a set per domain instead of set per server.
__________________
Success is going from failure to failure without a loss of enthusiasm. |
|
|
|
|
2005-10-13, 07:40 PM
|
#2 |
|
The only guys who wear Hawaiian shirts are gay guys and big fat party animals
Join Date: Jan 2004
Posts: 178
|
More PHP security advice:
ALL PHP scripts have security issues, including the following script, which lets any visitor to the site upload any file they want to your server: PHP Code:
people uploaded files to your server due to the design (or rather lack of design) of PHP itself. To improve PHP security turn register_globals off, fopen_url off, open_basedir on, and except for directories that hold scripts which accept file uploads turn file uploads off. |
|
|
|
|
2005-10-14, 12:08 PM
|
#3 | |
|
With $10,000, we'd be millionaires! We could buy all kinds of useful things like ... love!
|
Another option is to deter the 'hackers' in the first place by:
1) disguising the fact you use scripting by renaming your .php files to .htm and adding the following to your .htaccess Quote:
2) hiding all file extensions using mod_rewrite so that they appear to be directories. I do that at my TopSites list at topsites.allyoursex.com Option 1 would be the easiest for most, I expect, but I mentioned option 2 as an alternative for those in position to use it.
__________________
Playboy Webmasters - The name says it all! $35 per signup or 60% revshare. |
|
|
|
|
|
|
|
Hybrid Mode
