PhpSecInfo Test Information
This test determines if file uploads are enabled in PHP.
When you allow files to be uploaded to your system you assume a number of risks, files may not be what the appear (executables masquerading as images, php scripts uploaded and moved to a location where they may be run, et-cetera). If your site doesn't actually require file uploads, disabling this will prevent files from being accepted inadvertently.
If users of your application do not need to upload files, turn this feature off.
; Disable file_uploads for security reasons file_uploads = 'off'
The setting can also be disabled in apache's httpd.conf file:
# Disable file_uploads for security reasons php_flag file_uploads off