Full Disclosure mailing list archives

Re: How to protect RFI ??

From: "Jamie Riden" <jamie.riden () gmail com>
Date: Sat, 26 May 2007 22:16:12 +0100

On 26/05/07, Mark Sec <mark.sec () gmail com> wrote:



does any1 how to protect about RFI (Remote file inclusion), and what i need
to see over php files ?

-mark


Briefly:
1. Secure your php install - turn off allow_url_fopen and
allow_url_include in php.ini
2. Make sure your PHP app is not vulnerable - an attacker shouldn't be
able to control what's included. This should protect you from local
file inclusion as well.
3. Use suhosin and/or mod_security
4. (maybe) configure your firewall to disallow outbound connections
initiated by the webserver

cheers,
 Jamie

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

How to protect RFI ?? Mark Sec (May 26)
- Re: How to protect RFI ?? Jamie Riden (May 26)
  - Re: How to protect RFI ?? Mark Sec (May 27)
    - Re: How to protect RFI ?? Andrew Farmer (May 27)
- Re: How to protect RFI ?? Kradorex Xeron (May 26)