Hi All I have several customers hosting website in the apache server. One customer requires to run a install.php script from the website. for example http://www.abc/com/demo/install/install.php For this to work I did changes to the hhtp.conf and php.ini as follows. WIll this cause any security risk.? After the installation I can remove the Allowoverride All and turn off quota. Please advice. /etc/httpd/http.conf file <Directory "/var/www/web10/web/demo"> Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> /etc/php.ini file magic_quotes_gpc = On Thanks Teddy