Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: nsh on August 10, 2004, 12:23:52 AM

Title: PHP serious security issues - Patch for 5.5?
Post by: nsh on August 10, 2004, 12:23:52 AM: I run three 5.5 boxes. What are my options for upgrading or patching PHP 4.1.2 - rpm or upgrade path?

The Dan Brown script nuked my httpd (and other things) on my test box.

5.5 what do I do.
Title: PHP serious security issues - Patch for 5.5?
Post by: BoZz on August 11, 2004, 02:42:11 PM: Wish it was that easy, better upgrading to the latest contribs? I your just worried about somebody hacking your php web site via cross scripting, etc do this. Make a .htaccess file with this inside:
<filesmatch "\.php$">
deny from all
</filesmatch>

copy this fille to all your sub directory's. This only allows *.php files to be called locally

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy | Terms and Policies