K1u Posted September 12, 2007 Posted September 12, 2007 I was just viewing a awesome thread at Joomla's site over this - http://forum.joomla.org/index.php/topic,75990.0.html You can disable functions in your php.ini file like so disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, escapeshellcmd, escapeshellarg Add any other functions you might want to disable as well. Quote
SomeoneE1se Posted September 13, 2007 Posted September 13, 2007 Yes, but how do you disable it for all folder but one? Quote
digip Posted September 13, 2007 Posted September 13, 2007 Yes, but how do you disable it for all folder but one? You have to configure it to scan for other php.ini files in other directories, and then have a php.ini file in each directory you want to turn functions off for. His link to the other forum post has more arguments for and against it and what they were doing to work around it. Quote
K1u Posted September 13, 2007 Author Posted September 13, 2007 Yes, but how do you disable it for all folder but one? You have to configure it to scan for other php.ini files in other directories, and then have a php.ini file in each directory you want to turn functions off for. His link to the other forum post has more arguments for and against it and what they were doing to work around it. There is also many various other ways to configure it securely. Yes you will have to put it into each folder. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.