User:Leucosticte/Insecure settings

From MediaWiki.org
Jump to: navigation, search

The following are insecure settings.

Enabling upload and execution of arbitrary PHP scripts[edit]

$wgStrictFileExtensions = false;
$wgFileBlacklist = array();
$wgVerifyMimeType = false;