I think
expose_php = Off
is first thing to do instead of changing association.
(As well as disabling server signature)
extension does not tell much, but expose_php tells PHP version also, if you care
about crackers.
Crackers will notice you care about security somewhat. It does not protect your
It will tell ou
everything about the server, even uptime. So, if they want to know, they
can find out, file extensions just make it a bit easier...
- Original Message -
From: "Johnson, Kirk" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 01, 2001 12
I would like opinions on a security question.
A co-worker suggested we rename our application files to some extension
other than .php (for example, .htm). The reasoning being that the .php
extension tells a cracker that we are using PHP, and not ASP, or ColdFusion,
etc. The cracker can focus imme
3 matches
Mail list logo
