Joomla security errors

Joomla security errors

Posted by: mohnkern
Posted on: 2007-03-25 03:49:00

After completing the one click install of Joomla, I'm seeing the following security errors on my joomla administration page:

Following PHP Server Settings are not optimal for Security and it is recommended to change them:

* PHP magic_quotes_gpc setting is `OFF` instead of `ON`
* Joomla! RG_EMULATION setting is `ON` instead of `OFF` in file globals.php
`ON` by default for compatibility reasons


So I need to worry about this?


Re: Joomla security errors

Posted by: Raz2133
Posted on: 2007-03-25 05:19:00

In reply to:

So I need to worry about this?

No not really. The messages from Joomla are really warnings, not errors and are due to the setting for magic_quotes_gpc in the php.ini used by the default DreamHost PHP5 install. Joomla should still function fine, despite the warnings and, as I understand it, the security issues are not too severe.

If the warnings do concern you, you can change the magic_quotes_gpc setting for PHP5, but this involves copying the default DreamHost PHP executable and php.ini files to your domain, configuring your .htaccess file to use this local install then modifying the required php.ini settings. The general procedure is detailed in the wiki article linked below, but I should warn you that the procedure does require a fairly good working knowledge of the shell etc.

http://www.wiki.dreamhost.com/index.php/PHP.ini

Mark

Re: Joomla security errors

Posted by: mohnkern
Posted on: 2007-03-25 12:18:00

Thanks, I'll take a look.

I live in the bash shell :) Both at home, and at work.



Tags: php serverserver settingsgpcrgmagicquotesworry