PHP Security Question

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
fisher318
Joomla! Apprentice
Joomla! Apprentice
Posts: 20
Joined: Sat Feb 02, 2008 11:41 pm
Location: Castle Rock, CO

PHP Security Question

Post by fisher318 » Sun Feb 17, 2008 3:28 pm

Ok, I'm installing PHP5 onto my new server, and it is asking me the following question:

Malicious computer users often exploit insecurely written PHP scripts using the seven features below to gain full access to your account. Disabling these features will make it more difficult for attackers to exploit vulnerabilities in insecure scripts, but may cause applications that depend on these features to stop working.

Please check the boxes next to the features you wish have enabled. You may change your selection at any time from the edit menu after installation.

Enable 'exec' function
Enable 'popen' function
Enable 'passthru' function
Enable 'proc_open' function
Enable 'shell_exec' function
Enable 'system' function
Enable 'allow_url_include' feature

Which ones do I need to have installed so Joomla 1.5 will work properly?
A California FHA loan allows for a first time home buyer to purchase a new home with a really low down payment.

User avatar
RussW
Joomla! Exemplar
Joomla! Exemplar
Posts: 9352
Joined: Sun Oct 22, 2006 4:42 am
Location: Sunshine Coast, Queensland, Australia
Contact:

Re: PHP Security Question

Post by RussW » Tue Feb 26, 2008 5:41 am

In most cases, these disabled functions will not cause Joomla! any issues, however, this can be effected byseveral other PHP settings and they may effect functionality of other extensions or extension interaction with Joomla! This is an unknown entity until tested with your server configuration, PHP settings and the desired functions or extensions.

Basically, disable them, and test your site and extensions for the required functionality.
Joomla! on the fabulous Sunshine Coast...
hotmango, web & print http://www.hotmango.me/
The Styleguyz https://www.thestyleguyz.com/


Locked

Return to “Security in Joomla! 1.5”