allow_url_fopen

1 post Page 1 of 1
aaberr
Junior Member
Posts: 7
Joined: 12 Jan 2007, 09:32


I was setting up a new vps and looked at the security check list of csf and noted the presence of allow_url_fopen in the list of functions csf advises to disable.

Does csf believe allow_url_fopen should be turned off? Then it would be best to have a separate check for allow_url_fopen just similar to the check for ini_set or dl or ...

Putting allow_url_fopen in disable_functions will not turn off this directive, as it is not a function.
1 post Page 1 of 1