PEAK XOOPS - Server changed to phpsuexec 
Server changed to phpsuexec
Server changed to phpsuexec
msg# 1
- depth:
- 0
Previous post
-
Next post
|
Parent
-
Children.1
|
Posted on 2006/8/20 5:18
jlm69
Posts: 3
Posts: 3
After my server changed to phpsuexec, the protector module security advisor info is wrong. I used to have a .htaccess file that had in it the following lines
php_flag register_globals off
php_admin_flag allow_url_fopen off
php_flag session.use_trans_sid off
and the protector module worked fine, now I need a php.ini file with these lines
register_globals = Off
allow_url_fopen = Off
Now in the security advisory it says
'register_globals' : on Not secure
'allow_url_fopen' : on Not secure
'session.use_trans_sid' : on Not secure
If I check phpinfo on the site it says that they are all off.
Now my question, If the protector module doesn't recognize that these are off is the module working, or should I remove it or should I just ignore the security advisory page or is it a bug.
Thanks,
John
php_flag register_globals off
php_admin_flag allow_url_fopen off
php_flag session.use_trans_sid off
and the protector module worked fine, now I need a php.ini file with these lines
register_globals = Off
allow_url_fopen = Off
Now in the security advisory it says
'register_globals' : on Not secure
'allow_url_fopen' : on Not secure
'session.use_trans_sid' : on Not secure
If I check phpinfo on the site it says that they are all off.
Now my question, If the protector module doesn't recognize that these are off is the module working, or should I remove it or should I just ignore the security advisory page or is it a bug.
Thanks,
John
Votes:0
Average:0.00
Posts tree
-
Server changed to phpsuexec
(jlm69, 2006/8/20 5:18)
-
Re: Server changed to phpsuexec
(GIJOE, 2006/8/20 13:39)
-
Re: Server changed to phpsuexec
(jlm69, 2006/8/20 22:04)
-
Re: Server changed to phpsuexec
(GIJOE, 2006/8/21 4:26)
-
Re: Server changed to phpsuexec
(Dave_L, 2006/8/24 5:29)
-
-
-
Login