April 26, 2009, at 08:41 AM
'''Run As The User Instead of "nobody"'''
You can run PHP as the user, the way CGI scripts run under Apache's suexec.
PHP scripts are executed by the user who owns the VirtualHost serving the request.
'''Use Hardening Tools Like PHP Suhosin'''
'''Remove Insecure Scripts'''
Apache directives like php_value are not valid for mod_suphp. Instead, place a php.ini file in the directory containing the PHP script and specify these values there.
Permissions of 0400 are sufficient for PHP scripts to execute. Scripts run as the user who owns the VirtualHost, so they can write to any file or directory that this user can write to. mod_suphp performs various security checks before executing PHP scripts; most can be disabled in the mod_suphp configuration file, /opt/suphp/etc/suphp.conf.
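A pre-flight audit for a docroot that will be served through mod_suphp, added here as an example and not taken from cPanel or the suPHP project. The function names, the issue labels, and the choice to flag group- or world-writable scripts as a baseline are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a docroot before serving it through mod_suphp.
# suphp_audit DOCROOT OWNER -> prints "ISSUE<TAB>path" per finding,
# returns 0 when clean and 1 when anything was reported.

# Prefix every path read from stdin with an issue label.
tag() {
    while IFS= read -r path; do
        printf '%s\t%s\n' "$1" "$path"
    done
}

suphp_audit() {
    docroot=$1
    owner=$2    # user name or numeric UID that owns the VirtualHost
    findings=$(
        # php_value/php_flag lines in .htaccess are not valid under mod_suphp;
        # move those settings to a php.ini beside the script.
        find "$docroot" -type f -name .htaccess -exec \
            grep -lEi '^[[:space:]]*php_(admin_)?(value|flag)[[:space:]]' {} + |
            tag HTACCESS_PHP_DIRECTIVE

        # Scripts run as the VirtualHost owner, so a script owned by another
        # account does not fit that model and deserves a look.
        find "$docroot" -type f -name '*.php' ! -user "$owner" | tag WRONG_OWNER

        # 0400 is enough to execute; write access for group or others lets
        # another account change code that runs with the owner's privileges.
        find "$docroot" -type f -name '*.php' \
            \( -perm -020 -o -perm -002 \) | tag GROUP_OR_WORLD_WRITABLE
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

Run it as suphp_audit /path/to/docroot username; a non-zero return means at least one finding was printed.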
Reference: http://www.cpanel.net/documentation/easyapache/ea3php_php_requests.html
Page last modified on April 26, 2009, at 08:41 AM