Difference between revisions of "How can you change PHP settings using htaccess?"

From Joomla! Documentation

(New page: '''Introduction''' This FAQ explains how to set boolean PHP configuration directives using php_flag. The format for php_flag is: php_flag name on|off '''Directions''' 1. Open the .htac...)
 
Line 26: Line 26:
 
[[Category:Administration FAQ]]
 
[[Category:Administration FAQ]]
 
[[Category:Version 1.5 FAQ]]
 
[[Category:Version 1.5 FAQ]]
 +
[[Category:Installation]]

Revision as of 08:14, 19 September 2010

Introduction

This FAQ explains how to set boolean PHP configuration directives using php_flag. The format for php_flag is: php_flag name on|off


Directions

1. Open the .htaccess file located in your site's home directory, or if you don't have one, create a blank one now. Note the period character (.) at the beginning of the file name.

2. Add any of the following code samples to your .htaccess file, each on it's own line. These sample commands will prevent common global variable injection attacks, cross site scripting (XSS) sttacks, and code injection attacks.

php_flag register_globals off
php_flag allow_url_fopen off
php_flag magic_quotes_gpc on


Note that although the magic_quotes_gpc directive adds a layer of security, for performance reasons it is not considered a best practice. If you have verified that your site correctly filters and validates all user data (and every production site really should), then there is no need to add this directive. If you have any doubt, add it.

3. Save the .htaccess file in your site's home directory.

4. Test your site's front end and back end.