%%%%%%%%%%%%%%%###########################################php.ini########################################### [PHP] engine = 1 zend.ze1_compatibility_mode = short_open_tag = 1 asp_tags = precision = 14 y2k_compliance = 1 # output_buffering = 4096 output_buffering = off zlib.output_compression = implicit_flush = unserialize_callback_func = serialize_precision = 100 allow_call_time_pass_reference = safe_mode = safe_mode_gid = 1 safe_mode_include_dir = safe_mode_exec_dir = safe_mode_allowed_env_vars = PHP_ safe_mode_protected_env_vars = LD_LIBRARY_PATH disable_functions = disable_classes = highlight.string = #DD0000 highlight.comment = #FF9900 highlight.keyword = #007700 highlight.bg = #FFFFFF highlight.default = #0000BB highlight.html = #000000 expose_php = 1 max_execution_time = 30 max_input_time = 60 memory_limit = 24M error_reporting = 6135 display_errors = 1 display_startup_errors = log_errors = 1 log_errors_max_len = 1024 ignore_repeated_errors = ignore_repeated_source = report_memleaks = 1 track_errors = html_errors = error_log = /hsphere/local/var/httpd/logs/php_error.log variables_order = GPCS register_globals = 0 register_long_arrays = 1 register_argc_argv = 1 post_max_size = 8M magic_quotes_gpc = 1 magic_quotes_runtime = magic_quotes_sybase = auto_prepend_file = auto_append_file = default_mimetype = text/html always_populate_raw_post_data = 1 include_path = .:/hsphere/shared/apache/libexec/php5ext/php/ doc_root = user_dir = extension_dir = /hsphere/shared/apache/libexec/php5ext/ cgi.fix_pathinfo = 1 file_uploads = 1 upload_tmp_dir = upload_max_filesize = 2M allow_url_fopen = 1 default_socket_timeout = 60 auto_detect_line_endings = 1 [Syslog] define_syslog_variables = [mail function] sendmail_path = /usr/sbin/sendmail -t -i mail.force_extra_parameters = [SQL] sql.safe_mode = [ODBC] odbc.allow_persistent = odbc.check_persistent = 1 odbc.max_persistent = -1 odbc.max_links = -1 odbc.defaultlrl = 4096 odbc.defaultbinmode = 1 [MySQL] mysql.allow_persistent = mysql.max_persistent = -1 mysql.max_links = -1 mysql.default_port = 3306 mysql.default_socket = /var/lib/mysql/mysql.sock mysql.default_host = localhost mysql.default_user = mysql.default_password = mysql.connect_timeout = 60 mysql.trace_mode = [PostgresSQL] pgsql.allow_persistent = pgsql.auto_reset_persistent = pgsql.max_persistent = -1 pgsql.max_links = -1 pgsql.ignore_notice = 0 pgsql.log_notice = 0 [dbx] dbx.colnames_case = lowercase [bcmath] bcmath.scale = 0 [Session] session.save_handler = files session.use_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.serialize_handler = php session.gc_probability = 1 session.gc_divisor = 1000 session.gc_maxlifetime = 1440 session.bug_compat_42 = 0 session.bug_compat_warn = 1 session.referer_check = session.entropy_length = 0 session.entropy_file = session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 0 session.hash_function = 0 session.hash_bits_per_character = 5 url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" [Assertion] assert.active = 1 assert.warning = 1 assert.bail = assert.callback = assert.quiet_eval = 0 [Sockets] sockets.use_system_read = 1 [mbstring] mbstring.language = neutral mbstring.internal_encoding = EUC-JP mbstring.http_input = pass mbstring.http_output = pass mbstring.encoding_translation = mbstring.detect_order = auto mbstring.substitute_character = mbstring.func_overload = 0 [exif] exif.encode_unicode = ISO-8859-15 exif.decode_unicode_motorola = UCS-2BE exif.decode_unicode_intel = UCS-2LE exif.encode_jis = exif.decode_jis_motorola = JIS exif.decode_jis_intel = JIS [soap] soap.wsdl_cache_enabled = 1 soap.wsdl_cache_dir = /tmp soap.wsdl_cache_ttl = 86400 [Zend] zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-3.3.0 zend_extension_manager.optimizer_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.0 zend_optimizer.version=3.3.0a zend_extension=/usr/local/Zend/lib/ZendExtensionManager.so zend_extension_ts=/usr/local/Zend/lib/ZendExtensionManager_TS.so %%%%%%%%%%%%%%%###########################################.htaccess########################################### #http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html Options +FollowSymlinks RewriteEngine on RewriteCond %{REQUEST_URI} !/maintenance/index.html$ RewriteCond %{REMOTE_HOST} !^123\.218\.179 RewriteRule $ /maintenance/index.html [R=307,L] AddHandler phpini-cgi .php .htm Action phpini-cgi /cgi-bin/php5-custom-ini.cgi ## # @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $ # @package Joomla # @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved. # @license http://www.gnu.org/copyleft/gpl.html GNU/GPL # Joomla! is Free Software ## ##################################################### # READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE # # The line just below this section: 'Options +FollowSymLinks' may cause problems # with some server configurations. It is required for use of mod_rewrite, but may already # be set by your server administrator in a way that dissallows changing it in # your .htaccess file. If using it causes your server to error out, comment it out (add # to # beginning of line), reload your site in your browser and test your sef url's. If they work, # it has been set by your server administrator and you do not need it set here. # ##################################################### ## Can be commented out if causes errors, see notes above. Options +FollowSymLinks # # mod_rewrite in use RewriteEngine On ########## Begin - Rewrite rules to block out some common exploits ## If you experience problems on your site block out the operations listed below ## This attempts to block the most common type of exploit `attempts` to Joomla! # # Block out any script trying to set a mosConfig value through the URL RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] # Block out any script trying to base64_encode crap to send via URL RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR] # Block out any script that includes a