I was working with SourceForge's PIWIK and got this message:
CGI - Test Result
force_redirect - force_redirect is disabled. In most cases, this is a serious security vulnerability. Unless you are absolutely sure this is not needed, enable this setting
Is there any problem here?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I've not come across this one before, but from reading the documentation, this is a setting that defaults to TRUE, but can be set FALSE if required by certain webservers.
It seems to be something to do with allowing PHP to run scipts that haven't been sent to it via the webserver.
If this is your server (or you have the ability to set php.ini values via htaccess, etc.) then set it back to TRUE (1), and see if anything breaks ;-)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I was working with SourceForge's PIWIK and got this message:
Is there any problem here?
I've not come across this one before, but from reading the documentation, this is a setting that defaults to TRUE, but can be set FALSE if required by certain webservers.
It seems to be something to do with allowing PHP to run scipts that haven't been sent to it via the webserver.
If this is your server (or you have the ability to set php.ini values via htaccess, etc.) then set it back to TRUE (1), and see if anything breaks ;-)
More reading suggests this setting might be necessary for IIS.