Koozali.org: home of the SME Server

PHP serious security issues - Patch for 5.5?

nsh

PHP serious security issues - Patch for 5.5?
« on: August 10, 2004, 12:23:52 AM »
I run three 5.5 boxes.  What are my options for upgrading or patching PHP 4.1.2 - rpm or upgrade path?
 
The Dan Brown script nuked my httpd (and other things) on my test box.
 
5.5 what do I do.

Offline BoZz

  • ***
  • 48
  • +0/-0
PHP serious security issues - Patch for 5.5?
« Reply #1 on: August 11, 2004, 02:42:11 PM »
Wish it was that easy, better upgrading to the latest contribs? I your just worried about somebody hacking your php web site via cross scripting, etc do this. Make a .htaccess file with this inside:
<filesmatch "\.php$">
deny from all
</filesmatch>

copy this fille to all your sub directory's. This only allows *.php files to be called locally