Revision [268]
This is an old revision of SecurePHP made by WojciechLisiewicz on 2007-06-16 07:43:24.
Making PHP secure
- do not use "register globals"
- /etc/php.ini > register_globals = OFF
- if you use "register_globals", then initialize every variable!
- do not trust incoming data
- you shouldn't use "include($_GET['seite']);"
- use "open_basedir" and other safe settings in your APACHE / PHP configuration
- SafeMode in php.ini and httpd.conf
