htaccess question

  • My site all of a sudden went down yesterday. After much looking, I found this line in the htaccess file:

    php_flag register_globals off

    I deleted this line and things work fine. I never touched anything or added anything to the htaccess file. I didn’t upgrade to WP 152 yet either.

    Question is: where did this line of text come from?

    Thanks!

Viewing 8 replies - 1 through 8 (of 8 total)

  • You host added it maybe? *shrug*

    If you aren’t running v1.5.2, you really should have that in your .htaccess file, else your site could be hacked due to a security issue in previous versions.

    It shouldn’t break anything WordPress releated, but it may break other poorly coded scripts that don’t use $_GET.

    It’s possible your host put it in there, trying to help. Though the fact that it broke your site makes that very unlikely.

    It’s possible that someone leverages the WordPress 1.5.1.3 remote exploit vulnerability and tried to help you plug the hole.

    Or maybe you did it in haste and simply forgot about it.

    If you’re using WordPress 1.5.1.3, and your host is using register_globals, please upgrade at your earlist convenience to WordPress 1.5.2.

    Viper007Bond: clearly having that setting in the .htaccess file broke his site. Most likely, his server does not allow setting php directives inside .htaccess files.

    Well knotty was rather vague, so there’s no way to know. ??

    Thread Starter knotty

    (@knotty)

    Only thing I can think of is, the server techs put it there. I wouldn’t have even known to put that line in the htaccess file.

    It did make the whole site go down though, kept getting a 500 internal server error.

    I will be upgrading to 152 right now.

    Thanks!

    500 errors from .htaccess files generally mean an error in the .htaccess file that Apache can’t deal with. So, rather than deal with it, Apache gives up and spits the error.

    You could ask your host if they put it there of course.

    Upgrading should alleviate the concern with register_globals, though, so you should be fine

    Thread Starter knotty

    (@knotty)

    The only thing I can think of is, this server went down a couple days before my troubles began, so they had EV1 (everyone’s internet) techs work on it and from then on, I got the 500 errors.

    I have a email into the host to see if he knows about it.

    Thanks!

    Thread Starter knotty

    (@knotty)

    Ok, got a reply from the host. He says probably a CMS or blog system put it there in the htaccess.

    Now, I did do a xmlrpc file fix for B2evo (from B2evo) in the same directory as my WP site, ( I have addon domains). I assume, it came from there.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘htaccess question’ is closed to new replies.