Revision [269]
This is an old revision of SecurePHP made by WojciechLisiewicz on 2007-06-16 07:44:33.
Making PHP secure
- do not use "register globals"
- /etc/php.ini > register_globals = OFF
- if you use "register_globals", then initialize every variable!
- do not trust incoming data
- you shouldn't use "include($_GET['seite']);"
- use safe settings in your APACHE / PHP configuration
- SafeMode in php.ini
- OpenBasedir in httpd.conf