The Joomla! Forum ™

Download

Demo


Board index » Joomla! 2.5 - Ask Support Questions Here » Security in Joomla! 2.5

Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 
  Print view Previous topic | Next topic 
Author Message
CHCG
PostPosted: Thu Feb 23, 2012 5:24 pm 
Joomla! Explorer
Joomla! Explorer

Joined: Mon Sep 12, 2005 5:23 am
Posts: 297
Location: Stockholm, Sweden
My server has url_fopen disabled by default. However, an appointment booking component I am using demands url_fopen to send out text message reminders.

I have therefore created a php.ini file with
Code:
allow_url_fopen = 1
for his and placed it in my Joomla root.

Is this safe? If not, what are the security risks and is there another/better way to do it?

Your advise is much appreciated.


Last edited by imanickam on Sun Feb 26, 2012 12:01 pm, edited 1 time in total.
Your other post f=615&t=698414 on the same topic in the forum General Questions has been deleted. In the future, please do not post the same topic multiple times in the same or different forums as it is against the forum rules to cross post.


Top
 Profile  
 
CHCG
PostPosted: Thu Feb 23, 2012 10:12 pm 
Joomla! Explorer
Joomla! Explorer

Joined: Mon Sep 12, 2005 5:23 am
Posts: 297
Location: Stockholm, Sweden
I have to add a question to my previous post:

If I need to have url_fopen enabled by the mentioned php.ini file, in which directory should it be placed to minimize security risks?
Top
 Profile  
 
CHCG
PostPosted: Sun Feb 26, 2012 8:53 am 
Joomla! Explorer
Joomla! Explorer

Joined: Mon Sep 12, 2005 5:23 am
Posts: 297
Location: Stockholm, Sweden
Anyone?
Top
 Profile  
 
mandville
PostPosted: Sun Feb 26, 2012 9:17 am 
User avatar
Joomla! Master
Joomla! Master

Joined: Mon Mar 20, 2006 1:56 am
Posts: 11643
Location: The Girly Side of Joomla in Sussex
bad bad bad (in 99.99999999%) of cases and uses
http://www.google.co.uk/search?q=url_fo ... urity+risk.
http://docs.joomla.org/Security_Checkli ... rver_Setup

see if the developer can use a different method, or ask your host *why* they disabled it

_________________
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security Moderator}
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 


Board index » Joomla! 2.5 - Ask Support Questions Here » Security in Joomla! 2.5

Who is online

Users browsing this forum: wildzz and 15 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group