Quote:
Originally Posted by eukhost.com
most of the times the scripts you install check available php functions and proceed with the installation if everything matches requirements of the scripts. its quite difficult to stop anyone from creating phpinfo.php in his webspace and sometimes installed scripts also leave a phpinfo.php on your website hosting without your notice.
protecting phpinfo is next to impossible and if we disable it from php.ini then users may have problems while installing scripts. |
Agreed, but when somone installs it, announces in a forum and then leaves it as it is, it may invite uninvited flies...er..hackers. There are generally many instances of phpinfo on a webserver but it takes some time and effort to digout where and what username/domain etc. If someone wants to harm yout deliberately, they will do it anyhow.
My two cents...
Regds
IJ