View Full Version : info.php


eclectica
2004-03-12, 11:17
info.php is a fun little script which, when uploaded to a site, sends back a ton of information. I think some people fear having it publicly available, because it gives hackers more knowledge about a system they want to take down.

Since we tend to view php files online, I thought at first that php script files would open with a browser. php files can be opened and edited in notepad. I think of php files as sexed up text files, the way an html file is. On my computer, the original association of php files was with Adobe Photoparade, so I had to change it.

You can create the info.php file by putting the following into a text file, and then renaming it as info.php:
<?php phpinfo(); ?>
Now upload the file to a website running Linux, and you will get this result:
http://www.p2pjihad.org/info.php
As you can see, it doesn't do anything if it is uploaded onto a website with a Micro$oft® server:
http://www.tatom.org/public/info.php

I actually had a practical use for this info.php file. I uploaded it to this site 3-3-3.org to see the GD version. I needed to know what version this site was using, so that I could put image verification in the registration process.

napho
2004-03-12, 13:13
I can see why releasing info wouldn't be foremost in people's minds. Hacking isn't funny.

http://forum.newzbin.com/viewtopic.php?p=7411

eclectica
2004-12-19, 17:43
There is a new security issue discovered with php versions 4.3.9 and 5.0.2. The information on the security issue was released at Hardened-PHP (http://www.hardened-php.net/advisories/012004.txt) December 15th and also at vBulletin (http://www.vbulletin.com/forum/showthread.php?t=123531) December 17th. So I checked the info.php (http://www.3-3-3.org/info.php) of this site and saw that it was php version 4.3.10, installed December 17th. Then I checked another site I pay for at p2pjihad.org and saw from the info.php (http://www.p2pjihad.org/info.php) there that it was running version 4.3.9, installed October 31st, which is one of the vulnerable ones.

If you want to see how diligent your webhoster is, see how fast they upgrade if there is a new security issue, or how reliable and helpful they are. These are issues that go beyond disc space, traffic allowance, or monthly fees.
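
Added example, not part of the original thread: a small Python check that reads the phpinfo() output of a site you run, pulls out the PHP and GD versions, and flags the two PHP versions named in the post above. The sample HTML is constructed, and the names `FLAGGED`, `PhpInfoParser` and `audit` are hypothetical.

```python
import re
from html.parser import HTMLParser

# Versions named in the thread as affected (taken from the post, not a full advisory range).
FLAGGED = {"4.3.9", "5.0.2"}

# Constructed sample of phpinfo() HTML, trimmed to the parts this check reads.
SAMPLE = """<h1 class="p">PHP Version 4.3.9</h1>
<table>
<tr><td class="e">GD Support </td><td class="v">enabled </td></tr>
<tr><td class="e">GD Version </td><td class="v">bundled (2.0.28 compatible) </td></tr>
</table>"""

class PhpInfoParser(HTMLParser):
    """Collects the <h1> version banner and the name/value table cells."""
    def __init__(self):
        super().__init__()
        self.tag = self.cls = self.key = self.version = None
        self.settings = {}

    def handle_starttag(self, tag, attrs):
        self.tag, self.cls = tag, dict(attrs).get("class")

    def handle_endtag(self, tag):
        self.tag = None  # text between elements is ignored

    def handle_data(self, data):
        text = data.strip()
        if self.tag == "h1":
            m = re.search(r"PHP Version (\d+\.\d+\.\d+)", text)
            if m:
                self.version = m.group(1)
        elif self.tag == "td" and self.cls == "e" and text:
            self.key = text  # setting name cell
        elif self.tag == "td" and self.cls == "v" and self.key and text:
            self.settings[self.key] = text  # setting value cell
            self.key = None

def audit(html):
    """Return the PHP version, GD version, and whether the PHP version is flagged."""
    p = PhpInfoParser()
    p.feed(html)
    return {"php": p.version, "gd": p.settings.get("GD Version"),
            "flagged": p.version in FLAGGED}
```

Run it against a saved copy of your own info.php output, then delete info.php from the server once you have the answer.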