2

I'm a bit confused about what to do : Should I put PHP safe mode on even though it does break some websites code?

I have had several joomla websites hacked, but I'm not sure why, maybe it is safemode. I'm still investigation that...

Is safe mode only for debugging, and so it doesn't really matter that much for security right?

This feature has been DEPRECATED as of PHP 5.3.0. Relying on this feature is highly discouraged.

Cf: http://www.php.net/manual/en/ini.sect.safe-mode.php

I have PHP v 5.2.14, apache, CentOS and cpanel.

Thanks a bunch :)

Zenet
  • 968
  • 5
  • 10
  • 15

2 Answers2

2

It shouldn't break any of your sites persay, unless you are attempting to do something that is forbidden in "safe mode". Which I can't see joomla breaking. Safe mode is just a way to prevent a multi-user system running PHP from each of the user's doing evil stuff to each other using PHP scripts (ie file writes, file reads). I don't know why they are removing it, perhaps someone else can fill in that blank?

However, a question to you is:
Are you keeping up with the latest patches for your joomla installs?

Natalie Adams
  • 745
2

Joomla's take on Safe mode: Why shouldn't you use PHP safe mode? (in short, it will usually work OK, apart from the initial install, but safe mode isn't the best idea in the first place)

It doesn't quite solve the problem, and it's also fairly easy to get around. There are better ways to slve the problems, so it's being depreciated.

Alister Bulman
  • 1,644