0

This is a continuation of a tumbleweed question: Getting Forbidden error when saving pages with PHP

The host my client uses seems to use something to check/block potentially malicious scripts from being saved to the server. When I try to save a file that uses any PHP, it comes back Forbidden.

Mostly it's just include(), and usually just one or two.

Anyone know of a way to safely keep my PHP intact when updating files via POST/PHP?

(I don't really need it to be able to add additional PHP, just keep what's in it.)

P.S. :: It works locally, just not on their host server.

I've been looking for days and haven't found a solution yet :/

Community
  • 1
  • 1
Casey Dwayne
  • 2,142
  • 1
  • 17
  • 32
  • If you are executing scripts that are being submitted, we have a bigger problem at hand here. (maybe I didn't understand the question) – Connor Tumbleson Dec 17 '13 at 22:28
  • Suggest you upload php files to the server using FTP. Much safer and easier to secure and you don't have to give the server write access to the root area, so if you are cracker the perp can do little damage. – Ian Dec 17 '13 at 22:50
  • The form is part of my CMS and is in a secure directory, you need a user/pass to get in. I'm not very worried about hackers, I've taken extra precautions to prevent injected scripts. Really I just need it to allow `include`. I guess I could use javascript to load this content. *TinyMCE is **supposed** to protect my PHP, (see link in question)* – Casey Dwayne Dec 18 '13 at 00:45

0 Answers0