If you have access to php.ini file, locate this line:
register_globals = on
and change it to:
register_globals = off
If you don’t have php.ini access, you can add this directive into your .htaccess file:
php_flag register_globals off
If that doesn’t do the trick, you should contact a security professional.
Speak Your Mind