How to change register globals to OFF

Details
Parent Category: ROOT
Category: Joomla Items - EN
Published: Saturday, 21 February 2015 18:27
Hits: 2345

 

 

FAQ: How to change register globals to OFF

« on: August 22, 2005, 08:13:19 PM »

 

 

 

Just open your .htaccess file and add this line in the end of it:

php_flag register_globals off

#deze code invoegen op het einde van .htaccess bestand. 

 

Code:

 

##

# @version $Id: htaccess.txt,v 1.5 2005/01/22 23:00:27 spacemonkey Exp $

# @package Mambo

# @copyright (C) 2000 - 2005 Miro International Pty Ltd

# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL

# Mambo is Free Software

##



#

#  mod_rewrite in use

#



RewriteEngine On



#  Uncomment following line if your webserver's URL 

#  is not directly related to physical file paths.

#  Update YourMamboDirectory (just / for root)



# RewriteBase /YourMamboDirectory



#

#  Rules

#

php_flag register_globals off

 

 

 

 

 

.htaccess aanpassen: 

Code:
php_flag register_globals off

If you safe this now in the root folder of Joomla!, register_globals is now turned off for your whole site and all sub-folders.

 

 

Totale htaccess.txt file:

 

 

 

##

 

# @version $Id: htaccess.txt 423 2005-10-09 18:23:50Z stingrey $

 

# @package Joomla

 

# @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.

 

# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL

 

# Joomla! is Free Software

 

##

 

 

 

#

 

#  mod_rewrite in use

 

#

 

 

 

RewriteEngine On

 

 

 

#  Uncomment following line if your webserver's URL

 

#  is not directly related to physical file paths.

 

#  Update YourJoomlaDirectory (just / for root)

 

 

 

# RewriteBase /YourJoomlaDirectory

 

 

 

#

 

#  Rules

 

#

 

php_flag register_globals off

 

 

 

RewriteCond %{REQUEST_FILENAME} !\.(jpg|jpeg|gif|png|css|js|pl|txt)$

 

RewriteCond %{REQUEST_FILENAME} !-f

 

RewriteCond %{REQUEST_FILENAME} !-d

 

RewriteRule ^(.*) index.php

 

 

 

########## Begin - Rewrite rules to block out some common exploits

 

#                              

 

# Block out any script trying to set a mosConfig value through the URL

 

RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]

 

# Block out any script trying to base64_encode crap to send via URL

 

RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]

 

# Block out any script that includes a <script> tag in URL

 

RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]

 

# Block out any script trying to set a PHP GLOBALS variable via URL

 

RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]

 

# Block out any script trying to modify a _REQUEST variable via URL

 

RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})

 

# Send all blocked request to homepage with 403 Forbidden error!

 

RewriteRule ^(.*)$ index.php [F,L]

 

#

 

########## End - Rewrite rules to block out some common exploits

 

 

 

 

 

Na het uploaden via ftp naam aanpassen in .htaccess !!!!(werkt!)