Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: PHP serious security issues - Patch for 5.5?
« previous next »
Pages: [1]   Go Down

PHP serious security issues - Patch for 5.5?

  • 1 Replies
  • 1187 Views

nsh

PHP serious security issues - Patch for 5.5?
« on: August 10, 2004, 12:23:52 AM »
I run three 5.5 boxes.  What are my options for upgrading or patching PHP 4.1.2 - rpm or upgrade path?
 
The Dan Brown script nuked my httpd (and other things) on my test box.
 
5.5 what do I do.
Logged

Offline BoZz

  • ***
  • 48
  • +0/-0
PHP serious security issues - Patch for 5.5?
« Reply #1 on: August 11, 2004, 02:42:11 PM »
Wish it was that easy, better upgrading to the latest contribs? I your just worried about somebody hacking your php web site via cross scripting, etc do this. Make a .htaccess file with this inside:
<filesmatch "\.php$">
deny from all
</filesmatch>

copy this fille to all your sub directory's. This only allows *.php files to be called locally
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: PHP serious security issues - Patch for 5.5?