Revision [266]
This is an old revision of SecurePHP made by WojciechLisiewicz on 2007-06-14 07:34:58.
Making PHP secure
- do not use "register globals"
- /etc/php.ini > register_globals = OFF
- if you use "register_globals", then initialize every variable!
- do not trust incoming data
- you shouldn't use "include($_GET['seite']);"
- use "open_basedir" and other safe settings in your APACHE / PHP configuration
- WebserverSafeSettings in php.ini and httpd.conf
