Turn Off Register_globals On A Shared Server


Jul 27, 2005

My shared server provider has register_globals on. I checked by running
php_info(); from within a file. I would like to turn this off, but
asking them to turn it off just for me will not work.

I tried adding the following lines to the .htaccess file:
<IfModule mod_php4.c>
php_flag register_globals off
</IfModule>
but that did not work. I thought that maybe the file is called
something else, and I could not find any file containing mod_php
anywhere on the server. Also, I can see that the addmodule line for
mod_php4.c is commented out in the httpd.conf file for the shared
server.

I do not know how the server can serve php if that line is commented
out?

Bottom line is: is the .htaccess approach the correct one? and does
anyone know how I can find out if I am using the correct filename?

phpinfo() says that I have PHP Version 4.3.11

I will leave phpinfo() running on the main page so that if someone
needs more information,

View 12 Replies


ADVERTISEMENT

Web Server On Windows, With Register_globals On, How To Turn It Off Just On My Site?

web server is on windows, with register_globals on, how to turn it off just on my site?
I cannot access the configuration file, and I cannot use .htaccess because it is on windows. How to turn off the register_gobals in this case?

View 2 Replies

How To Turn Off Register_globals

I used phpinfo() and I found that register_globals variable is ON. I don't have any .htaccess file in the directory provided so there is other way to turn this OFF?

View 11 Replies

Turn On Register_globals?

for a stats program for a game, logs are sent to a perl file which saves data into a MySQL database then interpreted by PHP. when i try to check the stats it gives the error register_globals must be ENABLED

i went into php.ini and checked for a register_globals variable and i found this:
register_globals = Off
so of course i change it to:
register_globals = On
that didnt work so i also tried:
register_globals = ON
register_globals = on

it keeps saying that register_globals is still disabled though.... what is wrong? php.ini is in the windows folder where it should be.

View 1 Replies

Turn Register_globals Off?

I just took over the website at work. I am still learning PHP.
Register_globals are on and the script appears to be coded to take
advantage of this. I know how to recode the script, but am unsure how
to turn them off when I am done. I have googled and came up with
placing

php_flag register_globals off

in the .htaccess file.

I did this without recoding the script and the script still worked, so
I am assuming I did not turn them off.

View 17 Replies

Turn Off Register_globals In Php.ini?

I am running an ecommerce theme on wordpress on a hostgator server, and coming up with this error.

Security warning: set the value
*register_globals* in the php ini to Off !! This theme will not work correctly otherwise.

I can't find the php.ini in any of the folders. I tried creating a file with the added command and putting it in root as suggested via google

View 3 Replies

Turn Off Register_Globals?

I'm running PHP 5.3.2, and I've checked the ini file, and it has register_globals Off, but when I check phpinfo();, it says that it's on as a Local Value, but Off as a Master Value. I tried echo $ID and inputed ?ID=2 into the URL and it echoes 2, so I'm pretty sure that it's still on. Can anyone tell me how to turn it off?

View 7 Replies

Why Is A Taboo To Turn On Register_globals..

in php.ini?

View 3 Replies

Linux - Turn On Register_globals For Local Scripts Only?

I am using php as a command line scripting language for executing various system commands.

How can I turn on register_globals locally - to a single script only perhaps? Can this be done via the script itself?

I would prefer not to change global settings if possible.

View 2 Replies

Turn Off Safe_mode Off For A Particular Directory In A Shared Hosting Environment?

I want to turn off php safe_mode off for my site. My provider gave me a php.ini file and asked me to put it with my settings in my public_html folder to override the settings, but it didn't work.

View 3 Replies

PHP Shared Server Security

I have a client that brought to my attention a very interesting problem. If he has a website (www.domain.com) and he has a php page on it (order.php) that connects to the database. He has the user and pass in the page.

This is a linux server. It seems that another person on the server could just figure out what directory he is in. Then just do "vi order.php" so they could read the user and pass and then connect to the database and steal information.

View 2 Replies

Drupal On A Shared Server

I recently installed the Drupal CMS on my shared server. My problem is with "clean urls". When I run the clean urls test it seems to pass ok, but when I then enable clean urls the page loses all of its design (ie. logo, color, links do not work, etc.). I know there are some server things that need to be done and my host is telling me I cant do them because this is a shared server. They then told me that Drupal was not going to work for me. Will Drupal work on my shared server? Why is the site having this clean url problem? If Drupal will not work is there another CMS that already has clean urls?

View 1 Replies

Setting Up Yii On Shared Server?

I wish to use a PHP Framework such as Yii, however, it seems to set this up I need access to a terminal or console. Unfortunately my only access to the server is via an FTP client as it's shared hosting. Does this rule Yii out as a framework?

View 3 Replies

Ftp _ Connect On Shared Server?

I have a client that would like to FTP a file from his website on a shared server to another site. We are able to FTP the file manually using FileZilla from my computer to the other site and would like to build the same functionality into a PHP script that executes on the website via a CRON job. The goal is automatic file transfer on a specific date.

The problem I am having is that ftp_connect command in the PHP script fails to connect.

Should I use a port other than 21 in shared environment?

The ISP (Bluehost) says that they are not preventing the connection.

View 9 Replies

PHP Libraries On Shared Server

I'm currently using a shared web server for projects, and only have FTP access to it.

I'd like to take advantage of PHP libraries like PEAR, and I was wondering if theres a way to install them on a shared server?

View 7 Replies

Server Signuture Turn Off Need Access?

I want to add the following settings to my server:

ServerSignature Off
ServerTokens Prod

However after research I have to add these settings in my httpd.conf or apache2.conf file. It wont work in my php.ini or .htaccess on my public webroot. If I have not got access to these two server files (httpd.conf or apache2.conf) how can I get access or is there an alternative way to get these settings to work. It is a security issue I need to sort out ASAP.

View 1 Replies

Enable Php Extensions On Shared Server?

I have a very cheap php-enabled linux hosting account.

Unfortunately, this host does not have some extensions enabled which I
need, namely, the dom-xml and xslt extensions.

Assuming that the server admins ignore my pleas, is there a way to
locally
enable these extensions for my account, with a local copy of php.ini,
or
local copies of the proper *.so files, or some magic in the .htaccess
file?

View 4 Replies

Setting Include_path On Shared Server

My shared host used to have Php configured such that I could place a
php.ini file into any directory on my site and that was the php.ini file
that the Php cgi would use when it ran scripts.

Since upgrading to Php5.1 that is no longer possible (not allowed in
Php5.1 (?) ).

Anyway, ... this was a very handy way for me to set the include path so
that I could keep files with sensitive data (e.g., database usernames,
passwords) out of the site's public path.

My hosting service has actually rolled back to Php5.0 so that I could
continue doing as I had been ... with the caveat that they will
ultimately have to go with 5.1.

So, I have a set of questions.

1. Is there another way that I can set the include path globally for my
site? (Adding them to htaccess throws a 500 server error.)

2. How much security is really gained by moving sensitive include files
out of the site path (my include files all use the .php extension)?
Should I even be that concerned about this capability?

3. Would I gain the same security if I changed my current include files
(which I would have to put back into the public site path) to do nothing
but set include_path outside the public site and then include a new,
secondary file which actually contains the sensitive data?

4. Does anyone know why I *can* use local php.ini files in 5.01 and not
in 5.1?

View 2 Replies

Securing Sessions On Shared Server

My website uses sessions for the usual malarkey - user logins, etc. I'm on a shared server, with sessions saved in '/tmp'. I've been told that this is prone to sessions hijacking, since the whole server's session files are stored in that directory, not each domain/subdomain having its own '/tmp' directory. (The server's using Red Hat)

If they're vulnerable in here, what's the best course of action to take? I can't create directories outside my webroot (except in cgi/bin) so a custom directory is out of the question (again, unless I can use cgi/bin? doesn't seem a good idea). I'm thinking then, of a database/cookies solution, storing a 'session' cookie on the user's computer with the value of a hashed session id, which then points to the appropriate row in a 'sessions' table in the database.

Can anyone point me in the direction of a suitable session database class, incidentally?Could anyone advise me on this? What do you gurus do about session handling (please don't say "buy a dedicated server" because I can't! :D ) I've been using the /tmp dir for nearly two years now without any problems, but have only just got round to think seriously about session security.

View 1 Replies

URL Rewriting On A ISAPI Shared Server?

I need to rewrite URLs. The problem is that I am developing in PHP on an ISAPI server. An additional problem is that I am not the owner/manager of the server.Is there any way to rewrite URLs for PHP on a shared ISAPI server?

View 1 Replies

Install Symfony On Shared Web Server?

I have created a project(on my Localhost) in symfony(PHP Framework), and need to upload it on server(i.e the WEB Server), but i dont know how to do that, i got many methods on net, but i was not able to follow that.

View 3 Replies

Creating Web Services On Shared Server

i want to create a web service on shared server using php

View 2 Replies

Shared-server Security For Python?

Shared-server environment for various and sundry web services.I think we've settled on setting disable_functions and disable_classes site wide in php.ini and php_admin_value to force open_basedir in each app's httpd.conf for php scripts, and passenger's user switching for ruby scripts.We still need to find something for python though.Passenger does support python, but not for per-application security for specific sub-directories(it's all or nothing at the domain level).(And if any of the previous doesn't make sense-well, I'm the guy who's supposed to set up the python support, not the guy who set up the php or ruby support, so there's still some "and then some magic happens" steps in there from my perspective).

View 3 Replies

Networking - Turn Website Into A Proxy Server?

i was wondering if there is any way to turn my website into a proxy server ..i found plenty of scripts using PHP but they all require navigating to site in order to use the proxy, but what i really want is a script that enables me to access the site via browser configuration like in firefox when you enter the IP and port number in the options dialog, is there any kind of scripts that does that ?

View 1 Replies

Http - Turn A Script Into A Proxy Server?

We all know that HTTP uses port 80, what if i put my server's ip and the port 80 in the browser's proxy setting, will the browser sends the HTTP requests to my index.php which will fetch the website from server side and return response headers and body?

View 2 Replies

Calculate Server Load - Turn This Server Load Into A Percentile Scale?

How do you calculate the server load of PHP/apache? I know in vBulletin forums there's the server load displayed like 0.03 0.01 0.04 but it's not really understandable to a average joe. So I thought about a 1-100 percentile scale. I wanted to display a server load visual that reads from a DIV:

$load = $serverLoad*100;
<div class="serverLoad">
<div style="width: $load%;"></div>//show visual for server load on a 1-100 % scale[code]....

However, I don't know how to detect server load.Is it possible to do turn this server load into a percentile scale? I don't know where to start.

View 4 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved