- • Use current versions
- • Don't rely only on safe_mode
- • Much better is usually open_basedir
- • Set also session.save_path and upload_tmp_dir
- • Prohibit errors printing - display_errors
- • Beware of files uploaded by users - engine
- • Set minimum privileges for a database user
