diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/default.rules | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/config/default.rules b/config/default.rules index a19d678..232197a 100644 --- a/config/default.rules +++ b/config/default.rules | |||
| @@ -112,8 +112,12 @@ sp.disable_function.function("curl_setopt").param("option").value("64").drop().a | |||
| 112 | sp.disable_function.function("curl_setopt").param("option").value("81").drop().alias("Please don't turn CURLOPT_SSL_VERIFYHOST off."); | 112 | sp.disable_function.function("curl_setopt").param("option").value("81").drop().alias("Please don't turn CURLOPT_SSL_VERIFYHOST off."); |
| 113 | 113 | ||
| 114 | # File upload | 114 | # File upload |
| 115 | sp.disable_function.function("move_uploaded_file").param("destination").value_r("\\.ph").drop(); | 115 | # On old PHP7 versions |
| 116 | sp.disable_function.function("move_uploaded_file").param("destination").value_r("\\.ht").drop(); | 116 | #sp.disable_function.function("move_uploaded_file").param("destination").value_r("\\.ph").drop(); |
| 117 | #sp.disable_function.function("move_uploaded_file").param("destination").value_r("\\.ht").drop(); | ||
| 118 | # On PHP7.4+ | ||
| 119 | sp.disable_function.function("move_uploaded_file").param("new_path").value_r("\\.ph").drop(); | ||
| 120 | sp.disable_function.function("move_uploaded_file").param("new_path").value_r("\\.ht").drop(); | ||
| 117 | 121 | ||
| 118 | # Logging lockdown | 122 | # Logging lockdown |
| 119 | sp.disable_function.function("ini_set").param("varname").value_r("error_log").drop() | 123 | sp.disable_function.function("ini_set").param("varname").value_r("error_log").drop() |