[wp-hackers] Security alert for WP 1.5.1.3
David House
dmhouse at gmail.com
Mon Aug 15 15:37:50 GMT 2005
On 10/08/05, Frederic de Villamil <fdevillamil at gmail.com> wrote:
> drBacchus is right, but in real life things aren't that simple.
> A lot of companies use old PHP applications that needs registers globals to be
> enabled, and a lot of PHP developpers are unaware of security issues.
Which is why using a directive in .htaccess is so elegant. It allows
us to turn register_globals off for the WordPress directory alone.
--
-David House, dmhouse at gmail.com, http://xmouse.ithium.net
More information about the wp-hackers
mailing list