No idea who Kratz is but I agree with him. Turning off stuff like display errors is not the way to do it. You can set errors not to display in every script which make it far easier for debuging if needed later. For example IPB only shows the errors to admins. That makes far more sense not that you can do much with errors anyway.
Other stuff like set time limit, fopen sure your not making your server safer with them and they are really useful functions. Disabling some functions is fine but you've gone overboard.
Start with the script your using. If your script is well coded which sanitizes and checks inputs, you don't have a noob password you use everywhere, you htaccess admin areas then your ok.
Other stuff like set time limit, fopen sure your not making your server safer with them and they are really useful functions. Disabling some functions is fine but you've gone overboard.
Start with the script your using. If your script is well coded which sanitizes and checks inputs, you don't have a noob password you use everywhere, you htaccess admin areas then your ok.