I know I'm asking a lot, or not... But I successfully installed Pantheon on a server and am looking to make that my production server.
I have been poking around some security discussions and see that there are some settings in the configuration that aren't exactly secure. My question basically asks whether there are any potential downfalls to following the advice of the security professionals... the last thing I'd want to do is brick my shiny new Pantheon server!
More specifically, this page http://www.imminentweb.com/technologies/configure-php-securely seems like it makes some sense. I see other posts that make me want to change files, but I'm not sure how that would interact with Hudson or bgf-2 (lol).
Also, when looking at what was /etc/php.ini and is now /var/lib/bfg/tg/p5 (paraphrased), the php.ini files act more like a directory than a file. What's with that?