[geeklog-devel] PHP in Static Pages
dirk at haun-online.de
Wed Jan 14 02:00:04 EST 2004
>Maybe, I'm not dinging the thing...I'm just bringing back to light
>issues we should consider.
np, I was just playing the Devil's Advocate.
>Again, the secure way to handle this is to
>not have PHP in static pages to begin with but given we now endorse this
>possiblity we should consider ways to harden especially considering that
>we are becoming more and more popular with blackhats.
Yep. An option to switch off PHP from the config file would be a start.
More information about the geeklog-devel