News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

Php.info and Security Issues

Started by joe123, September 08, 2007, 05:41:49 AM

Previous topic - Next topic

joe123

Is there a way to turn off php.info?    I think, correct me if I am wrong, that having it on is a security risk for any SMF site.
Joe

!Hachi!

if you upload by yourself you can remove it.i will like to read your above claim about RISK for SMF sites.
Happy Ramadan

Dragooon


joe123

Well, having so much info available to the public is not good, I may be wrong.   What if a bug is found is mysql ver 1.2.3 and anyone can corrupt the db by doing x,yz. 
Knowing that you have mysql 1.2.3 through php.info would give me the advantage of knowing that.

codenaught

Can't you just delete your phpinfo file from your server then?

Or have the file password protected or load SSI.php in it and include an admin check for your SMF. ;)

If I am misunderstanding you, please correct me!
Dev Consultant
Former SMF Doc Coordinator

K0H_K1u

Ok who ever told you it is a sec risk is a idiot. End of story.

Advertisement: