Русское сообщество fluxbb

Быстрый лёгкий надёжный форумный движок

Вы не вошли.

Объявление

Вы можете внести свой вклад в содержание сайта. Жертвователи попадут в почетную группу "Спонсоры". Поддержать сайт.

#1 2008-05-12 11:48:09

niikto
Гость

мне хостер прислал что они замениоли версии ПХП и надо чтото менять в

менять в скриптах




[mono]Dear Customer,

We have updated PHP to the latest versions - PHP 4.4.8 and PHP 5.2.6 to provide you with more stable, reliable and secure service.

=================C-O-N-F-I-G-U-R-A-T-I-O-N=========================== 
Zend Optimizer, Ioncube and eAccelerator are enabled by default now.
Default php interpreter for your *.php files is php4.

You can see new php configuration options here:
PHP 4.4.8  http://66.118.138.197/~phpinfo/php.php4
PHP 5.2.6  http://66.118.138.197/~phpinfo/php.php5

Please use "application/x-httpd-php5" and "application/x-httpd-php4" in your .htaccess file to change php version.
For example:
1. If you want to use PHP5 in your account then you should add the following directive to .htaccess file under public_html folder:

AddHandler application/x-httpd-php5  .php  # for  PHP5

2. If you want your *.htm or *.html files to be handled by PHP (...in case you use php code there) please use the following directive:

AddHandler application/x-httpd-php4 .html .htm  # for  PHP4
or
AddHandler application/x-httpd-php5 .html .htm  # for  PHP5


Since php4 and php5 have different compiled extensions and modules they are configured to use different php.ini files:
PHP 5.2.6  --  /usr/local/lib/php.ini
PHP 4.4.8  --  /usr/local/php4/lib/php.ini
so if you use custom php.ini file please copy system php.ini file to your account according to you php version.
Some errors are possible if you use php4 interpreter with php5's php.ini file or vice versa.

You can copy system php.ini via jailed shell by means of "cp" command. For example:
"cp /usr/local/lib/php.ini  /home/USERNAME/public_html/.../some_directory/ "

PLEASE NOTE: php.ini takes effect ONLY in the folder it is located in.

Support for PHP 4 has been discontinued by php.net since 2007-12-31. Please consider upgrading to PHP 5.2.6.
PHP 4.4.8 is the last PHP 4 release.

========================S-E-C-U-R-I-T-Y===============================

For security reasons "register_globals" is disabled and we disabled some php functions like:
"system, exec, shell_exec, ftp_exec, passthru, passthru, leak, listen, chgrp, apache_setenv, ini_alter, define_syslog_variables,
openlog, syslog, popen, proc_close, proc_get_status, proc_nice, proc_terminate"
If you extremely need "register_globals" to be turned On you can do that in your custom php.ini file.

Apache is compiled  with Mod_security. So if you use such software as forum or blog please try to find mod_security rules which are suitable for your software.
Please place it into your .htaccess file:

<IfModule mod_security.c>
.... rules....
</IfModule>

It will protect your sites from hackers.


===================== mod_security rules example=======================
Here you can see a couple of examples for PHPBB and Mambo found in google  smile

------------------------PHPBB---------------------------------
<IfModule mod_security.c>
# WEB-PHP phpbb quick-reply.php arbitrary command attempt
SecFilterSelective THE_REQUEST "/quick-reply\.php" chain
SecFilter "phpbb_root_path="

# WEB-PHP phpbb quick-reply.php access
SecFilterSelective THE_REQUEST "/quick-reply\.php" log,pass
SecFilterSelective THE_REQUEST "\.php" chain
SecFilter "path=http\://"

# WEB-PHP phpBB privmsg.php access
SecFilterSelective THE_REQUEST "/privmsg\.php" log,pass

# WEB-PHP phpBB viewtopic.php
SecFilterSelective THE_REQUEST "viewtopic.php" chain
SecFilterSelective "THE_REQUEST|ARG_VALUES" "(system|exec|passthru|cmd|fopen|exit|fwrite)" deny,log
</IfModule>

------------------------Mambo---------------------------------

<IfModule mod_security.c>
# WEB-PHP Mambo uploadimage.php upload php file attempt
SecFilterSelective THE_REQUEST "/uploadimage\.php" chain
SecFilter "\.php"

# WEB-PHP Mambo upload.php upload php file attempt
SecFilterSelective THE_REQUEST "/upload\.php" chain
SecFilter "\.php"

# WEB-PHP Mambo uploadimage.php access
SecFilterSelective THE_REQUEST "/uploadimage\.php" log,pass

# WEB-PHP Mambo upload.php access
SecFilterSelective THE_REQUEST "/upload\.php" log,pass
</IfModule>

Here you can see simple  examples, but to protect your site you have to set up it up to your needs.[/mono]


в связи с этим вопрос - надо чтото менять то или всё ок?

Редактировался niikto (2008-05-12 11:49:02)

#2 2008-05-12 19:24:27

coordinator
Гость

Re: мне хостер прислал что они замениоли версии ПХП и надо чтото менять в

PHP: 5.2.5
Все работает. Всегда работал на php 5.х.х
Я так думаю, что php.ini менять не надо.

Подвал доски

Под управлением FluxBB. Хостинг Hostens