1. php_flag register_globals off
instead of just by $abcif this flag sets to off, program will be only able to get the $_GET["abc"], $_POST["abc"],etc if the url is url.html?abc=123
2. php_flag magic_quotes_gpc off
This flag is used to originally give backslash to gpc(get, post, cookie) to prevent SQL injection.
3. php_flag short_open_tag on
Allow the use of short open tag < ? instead of < ?php
4. Options -Indexes
Disallow directory browsing
5. DirectoryIndex index.php index.htm index.html
If the user types the directory name, we search through the list of index.php to show it.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment