K1u Posted September 12, 2007 Share Posted September 12, 2007 I was just viewing a awesome thread at Joomla's site over this - http://forum.joomla.org/index.php/topic,75990.0.html You can disable functions in your php.ini file like so disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, escapeshellcmd, escapeshellarg Add any other functions you might want to disable as well. Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted September 13, 2007 Share Posted September 13, 2007 Yes, but how do you disable it for all folder but one? Quote Link to comment Share on other sites More sharing options...
digip Posted September 13, 2007 Share Posted September 13, 2007 Yes, but how do you disable it for all folder but one? You have to configure it to scan for other php.ini files in other directories, and then have a php.ini file in each directory you want to turn functions off for. His link to the other forum post has more arguments for and against it and what they were doing to work around it. Quote Link to comment Share on other sites More sharing options...
K1u Posted September 13, 2007 Author Share Posted September 13, 2007 Yes, but how do you disable it for all folder but one? You have to configure it to scan for other php.ini files in other directories, and then have a php.ini file in each directory you want to turn functions off for. His link to the other forum post has more arguments for and against it and what they were doing to work around it. There is also many various other ways to configure it securely. Yes you will have to put it into each folder. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.