Security to prevent hacks & injection
I recently had a site hacked via the _notes folder that DW creates.
Is it really necessary to upload these folders?
Also, I am looking at other ways IN ADDITION to security assist to protect sites I build from injection etc.
Considering a web site built completely with DW and WA supersuite...
Will making the following php.ini change adversely effect performance?
allow_url_fopen = Off
display_errors = Off
display_startup_errors = Off
log_errors = On
error_reporting = E_ALL
error_log = /home/yourUserID/public_html/phperr.txt
expose_php = Off
magic_quotes_gpc = On
magic_quotes_sybase = Off
register_globals = Off
Also will the WA DA, SA etc still run properly if .htaccess is applied to all folders ?