From bcec0cafc9edbf1a563f184debf01169aed64c85 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Sat, 25 Apr 2026 22:25:27 +0200
Subject: Add a note about virtual-patching bypasses

---
 doc/source/features.rst | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'doc/source/features.rst')

diff --git a/doc/source/features.rst b/doc/source/features.rst
index adb8779..517bbec 100644
--- a/doc/source/features.rst
+++ b/doc/source/features.rst
@@ -309,7 +309,11 @@ of dangerous functions, dropping them everywhere else:
    :language: php
 
 
-The intent is to make post-exploitation process (such as backdooring of legitimate code, or RAT usage) a lot harder for the attacker.
+The intent is to make post-exploitation process (such as backdooring of
+legitimate code, or RAT usage) a lot harder for the attacker.
+
+Note that an attacker able to run arbitrary PHP code can likely bypass some virtual-patching
+by (ab)using some PHP features.
 
 
 .. _global-strict-feature:
-- 
cgit v1.3