[TUT] WJ special ! : How to Harden PHP via php.ini

Status
Not open for further replies.
No idea who Kratz is but I agree with him. Turning off stuff like display errors is not the way to do it. You can set errors not to display in every script which make it far easier for debuging if needed later. For example IPB only shows the errors to admins. That makes far more sense not that you can do much with errors anyway.

Other stuff like set time limit, fopen sure your not making your server safer with them and they are really useful functions. Disabling some functions is fine but you've gone overboard.

Start with the script your using. If your script is well coded which sanitizes and checks inputs, you don't have a noob password you use everywhere, you htaccess admin areas then your ok.
 
I registered years ago under the username Whitey. I lost my password and also the password to the email I used (not even sure what email I used) so just made a new account :P I kinda remember you, actually.
 
I registered years ago under the username Whitey. I lost my password and also the password to the email I used (not even sure what email I used) so just made a new account :P I kinda remember you, actually.

Well it's good to see intelligent people return :)
 
Maybe you shouldn't be throwing the word "intelligent" towards someone who forgot two of their passwords :P But thanks :)
 
Status
Not open for further replies.
Back
Top