Recent Changes - Search:

Softwares

.

Hardening-PHP-Howto


Hardening PHP

Run As The User Instead of "nobody"

You can run PHP as the user (like CGI scripts do with Apache's suexec)

enable suPHP

PHP scripts are executed by the user who owns the VirtualHost serving the request.

Use Hardening Tools Like phpsuhosin

Remove Insecure Scripts

Apache directives like php_value are not valid for mod_suphp. It is possible to place a php.ini file in the directory containing the PHP script and specify these types of values in it.

For PHP scripts to execute, permissions of 0400 are sufficient. Scripts are run as the user who owns the VirtualHost, and as long as this user has permissions sufficient to write to a file/directory, PHP scripts will also have the ability to do so. Mod_SuPHP performs various security checks before executing PHP scripts. Most can be disabled in Mod_SuPHP configuration file located at /opt/suphp/etc/suphp.conf

Reference : http://www.cpanel.net/documentation/easyapache/ea3php_php_requests.html


Edit - History - Print - Recent Changes - Search
Page last modified on April 26, 2009, at 09:41 AM