Forum Moderators: phranque
Before I dig in and convert the site to PHP just to manage a single include file does anyone have any suggestions? I might just do a quick find and replace to drop the menu in and re-upload the hundreds of pages, but this is not a good long term solution. I think within the next year we'll be moving to another host and shopping cart entirely, so I could just hobble along even though the menu changes frequently/seasonally.
Ideas?
As an aside: Can anyone explain to me why Yahoo! would disable SSI's? I suspect it has something to do with them wanting to stick people with proprietary tags and so forth. The lack of notice just boggles my mind.
Much thanks in advanc. Any help or insight is appreciated.
I know that doesn't really help, the switch from SSI to php is not hard.
Can anyone explain to me why Yahoo! would disable SSI's? I suspect it has something to do with them wanting to stick people with proprietary tags and so forth.
SSI's have been long known as entry points for some attacks, they were probably disabled to enhance security. They are not proprietary tags.
Rather than to go PHP, you should just move to a real server. PHP includes also have similar injection vulnerabilities if not configured correctly.
I wasn't suggesting SSI's are proprietary, but Yahoo uses their own store tags which are. So my thinking was that they're ditching the standard tags for their own. The possibility of some security issue occured to me though I wasn't aware of anything specific attacks and if that were the case I don't know why they wouldn't just inform their customers (without being specific) that's they would disable the ability to use includes at some set date. At the very least their support desk should have been aware they might be receiving some calls about the issue.
For now I'm switching to PHP includes real quick -- just getting ready to do a bunch of find and replacing now. The advice to ditch Yahoo is well taken and within approx. 6-8 months we'll be running x-cart.
cheers
