<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.5730.11" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Georgia>
<DIV><FONT face=Georgia>I have had my site(s) hacked into twice now through PHP
and would appreciate knowing what are the security patches that PmWiki is able
to live with.</FONT></DIV>
<DIV><FONT face=Georgia></FONT> </DIV>
<DIV><FONT face=Georgia>One hack was the insertion of a redirect to a bogus
citibank page. </FONT></DIV>
<DIV><FONT face=Georgia></FONT> </DIV>
<DIV><FONT face=Georgia>I don't want to kill all my farm sites but do need to
secure PHP better than it is.</FONT></DIV>
<DIV><FONT face=Georgia></FONT> </DIV>
<DIV><FONT face=Georgia>I am also running ApacheModSSL version 2</FONT></DIV>
<DIV><FONT face=Georgia></FONT> </DIV>
<DIV><FONT face=Georgia>I am in process of upgrading to Wiki version 2.1.26 but
would like to make sure there are as few holes as possible.</FONT></DIV>
<DIV><FONT face=Georgia></FONT> </DIV>
<DIV><FONT face=Georgia>Thanks everyone.</FONT></DIV>
<DIV><FONT face=Georgia></FONT> </DIV>
<DIV><FONT face=Georgia>I haven't been posting as I have (previously) had no
problems any my twenty some odd farm sites are running very well and everyone is
happy. Then the Axe fell......<G></FONT></DIV>
<DIV><FONT face=Georgia></FONT> </DIV>
<DIV><FONT face=Georgia>I ran the "Analyze" program and it only reports the
problem with FarmD variables being global and vulnerable. This
should fix that. (he said with fingers crossed)</FONT></DIV>
<DIV><FONT face=Georgia></FONT> </DIV>
<DIV><FONT face=Georgia>John Morris</FONT></DIV></FONT></DIV></BODY></HTML>