Thu 10 Mar, 2005 02:46 pm
I've recently installed PHP 5.0.3 on my Windows 2003/IIS 6 public Web server. However, www.php.net/manual/en/install.windows.php
this setup of PHP is not secure. If you would like to have a secure PHP setup, you'd better go on the manual way, and set every option carefully. This automatically working setup gives you an instantly working PHP installation, but it is not meant to be used on online servers.
I've only ever setup PHP the one time and I have limited knowledge of it... are there any issues (security or otherwise) I should be aware of? Is it so significant that I should schedule downtime, uninstall it, then go the manual way?
If I remember correctly, php 5+ is currently in dev status and shouldn't be used live.
You should probably use 4.3.10.
As to automatic vs. installer I don't know what to tell you, as I don't run PHP on Windows servers (except in development enviroments that are not public).