I am not sure this is my setting problem, I am using ISPConfig version 2.2.24
1) I have enable php globally and uncheck the PHP Scripts and PHP Safe Mode options in one of my virtual site, say www.example.com
2) There is a test.php program in the /var/www/example.com/web/
When I visit the virtual site www.example.copm/test.php
, the source code of test.php shows up. I feel very unsafe that the php source code reveal to any visitors?