php security

badges_ecommerce_stage1

I ran into a few blog posts that indicate that most L.E.M.P tutorials state to set the following php setting.

cgi.fix_pathinfo=0

As for me I have mine set to one for security reasons. The word around the internet streets is that a png file can be upload to a server with php code to do malicious activities.

Leave a Reply

Your email address will not be published. Required fields are marked *