[wp-hackers] Security alert for WP

David House dmhouse at gmail.com
Mon Aug 15 15:37:50 GMT 2005

On 10/08/05, Frederic de Villamil <fdevillamil at gmail.com> wrote:
> drBacchus is right, but in real life things aren't that simple.
> A lot of companies use old PHP applications that needs registers globals to be
> enabled, and a lot of PHP developpers are unaware of security issues.

Which is why using a directive in .htaccess is so elegant. It allows
us to turn register_globals off for the WordPress directory alone.

-David House, dmhouse at gmail.com, http://xmouse.ithium.net

More information about the wp-hackers mailing list