[pmwiki-users] How to optimize php.ini
Iain D. Brown
iain at iainbrown.net
Tue Sep 5 13:43:53 CDT 2006
Tom Lederer wrote:
>> Due to the recent affairs, i wondered if someone of greater
>> knowledge could tip me how to set the options (those i can) in
>> php.ini to use pmwiki at its best.
Pm replied:
> Here's my suggestions:
> session.auto_start Off
> session.use_cookies On
> session.use_trans_sid Off
> magic_quotes_runtime Off [1]
> magic_quotes_gpc Off [2]
> register_globals Off [3]
> display_errors On for debugging, Off for production [4]
> session.cookie_lifetime 0
This, and Pm's very useful information in his message on PmWiki
security vulnerability today, makes me wonder if someone has
created a document on hardening PmWiki.
To ensure one's installation of PmWiki is as secure as possible,
should I be following Pm's suggestions, above? Are there any
implications for the functioning of my PmWiki site if I follow the
above? Are there any other settings I should be securing?
Best wishes,
Iain.
(Wannabe techie.)
--
Iain Brown
iain at iainbrown.net
More information about the pmwiki-users
mailing list