Andy Dowling's Gravatar Andy Dowling's Profile

About Me: I'm a systems engineer in Australia, specialising in security, and am occasionally involved with web app development. See my blog for more.

Last 10 Comments

1

PHP code itself can be used to mitigate such risks of misconfiguration. This is particularly useful in a shared server environment, or if you have limited control over your configuration. The following line of code can be included at the start of a PHP script:

<?php <? if (0==1) { ?> <META HTTP-EQUIV="Refresh" Content="0; URL=http://domain.com/plain.html"> <? } ?>

If PHP is runnng (and not confusing 0s with 1s, which it is notorious for), this redirect will be safely ignored. Otherwise, the user is shown a plain html page.

Posted in /blog/2007/sep/catching-up-and-keeping-up.

Wed, 05 Sep 2007 at 19:27:46: Link

Stats

  • Member Since: 14 Aug 2007
  • Comments: 1

Web Site

andy.dowling.myopenid.com

Blog Posts

Coming soon!