How can I prevent php scripts from overriding max_execution_time value ?
Someone found a way to inject malicious code on a server through wordpress... We are in the process of patching the vulnerability. That php code defines :
@ini_set('max_execution_time', 0); @set_time_limit(0);
That kept on crashing my apache server... Is there a way to disallow such override?
OMG NO!
Your server got hacked - that was bad.
You found out about the problem because the code running starting exhibiting strange systems - that was good.
You want to prevent your system from exhibiting the systems of an attack in future - that's bad.
That it got hacked in the first case and you are now able to apply a fix which would have prevented this rather implies that the initial compromise was your fault.
