register_globals On for one virtual host only

Discussion in 'Linux VPS/Dedicated - cPanel' started by transcriptionist.com.au, Nov 9, 2006.

  1. transcriptionist.com.au

    transcriptionist.com.au 3x WHM VPS + Growing

    Hello all,

    Is there a way to set register_globals on for just one virtual host ?

    I read somewhere that I could do this in httpd.conf inside <VirtualHost></VirtualHost>

    <directory>
    php_flag register_globals 1
    </directory>

    But it didnt seem to work. Got this error on a config test:

    Syntax error on line 1235 of /usr/local/apache/conf/httpd.conf:
    Invalid command '<directory>', perhaps mis-spelled or defined by a module not included in the server configuration


    Can anyone explain if/why register_globals On is a bad thing to do for a server.

    Thanks
     
  2. ppc

    ppc Moderator

    Their is a security risk by having register globals turned on server wide. Many exploits use the registerglobals feature. Turning it off greatly increases security.

    You can add the following lines in the code box below to a .HTACCESS file and that will turn on register globals for that folder:

    Code:
    php_value session.use_trans_sid 0
    php_value register_globals 1
    ppc
     

Share This Page