I would like to know everyones thought on parsing html/htm as php. For quite some time I have been using :
AddType application/x-httpd-php .htm
AddType application/x-httpd-php .html
I have heard both sides of the story... some say its harmless... others say its a huge no-no security issue. The reason I ask is because I will be moving to suphp soon which led me to lots of things such as 755 folders, 644 files, AddHandler, and a bunch of other stuff.
So, is it a security issue / has repercussions or not? Due to the age of my sites and them being 'html' I would prefer to stay that way along with a few other reasons.
Since I am going to a new server and will be making changes I might as well do everything at once right?