php.ini-anal-retentive-paranoid. I'm editing mine for that right now, everything is off, the sever has a keyboard, mouse, monitor no cd/dvd, no floppy, no usb and is unplugged from the network, there are 6 security guards that surround you and they give you 5 minutes on a timer. On 4/6/06, Kevin Kinsey <kdk@xxxxxxxxxx> wrote: > Dallas Cahker wrote: > > >I was looking to see if there was a quick checklist of settings for php to > >be disabled/enabled in the ini file to make the application more secure. > >I'm making sure the apps we come out with dont allow sql injections, or form > >injections and so forth, I have just seen some posts about magic quotes and > >so on and so I was curious. > > > > > > > Well, generally php comes with a "php.ini-dist" and a "php.ini-recommended"; > for tighter security, use the "recommended" version. Examining a diff > of the > files could help shed some light, as well. > > Of course, some of us could be waiting for the day when they ship with a > "php.ini-ironclad", "php.ini-stealthmode", or > "php.ini-anal-retentive-paranoid", > but I'm not sure those are slated, even for PHP6.... ;-) > > HTH, > > Kevin Kinsey > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
