User:Leucosticte/Insecure settings
The following are insecure settings.
Enabling upload and execution of arbitrary PHP scripts edit
$wgStrictFileExtensions = false;
$wgFileBlacklist = array();
$wgVerifyMimeType = false;
The following are insecure settings.
$wgStrictFileExtensions = false;
$wgFileBlacklist = array();
$wgVerifyMimeType = false;