Frequently Asked Questions

The NearlyFreeSpeech.NET FAQ (*)

Programming (*)

Q. Do you have register_globals enabled for PHP?

No. By default, this feature of PHP is not enabled. It is widely considered a serious security risk and we have seen a number of member sites victimized by exploits related to having register_globals enabled. We discourage its use.

However, if you understand the implications of register_globals and you are prepared to accept the increased security risks associated with its use, we have provided you with the means to enable it on a per-directory basis. Simply create an .htaccess file in your public folder containing the line:

php_flag register_globals on

You can verify that this is working by using the phpinfo() function on a PHP page. You should see register_globals set to "On" in the local context and "Off" in the global context.

If you do not need register_globals support, you do not need to take any steps to protect your site from exploits related to it.