Hi there...
I've just installed RSFirewall and running through the checkup, I found the following 'errors':

register_globals register_globals is On.
allow_url_fopen allow_url_fopen is On.
allow_url_include allow_url_include is Off.
open_basedir open_basedir is not used.
disable_functions disable_functions is missing the following: show_source, shell_exec, exec, phpinfo
safe_mode safe_mode is Off.

I've checked and double checked my php.ini file and ALL of the entries are there (ON is actually OFF, etc.). When I let the system 'fix' my ini, I end up with other stuff not working (I do have a custom ini file).

Any suggestions? Thanks!

If the System Check says that these options are enabled or disabled, then that's what's happening. This information comes directly from your server.

If you have a custom php.ini in the root of your Joomla! website copy it in the /administrator folder as well. The php.ini RSFirewall! is creating is supposed to be appended to the global one, not replace it completely (some hosts unfortunately do that).

Thanks!
Yes, in this case, copying it to the administrator folder seems to work... on another site (same server) it does not, and breaks the admin Cpanel.
Ah well... one at a time, I'll come back to that one later.