  1. #1

    Secure mod_php on a shared hosting environment

    I'm running a shared hosting environment and I'd like to know if it's even possible to secure Apache while it's running mod_php. I know I could go suPHP with PHP-CGI, but that'd drastically increase the server load.

    So what should I do to best secure the server?

    So far I have done:

    - Apache:
    Installed mod_security and mod_evasive.

    - PHP:
    Set register_globals=OFF
    Set disable_functions = ini_restore, popen, exec, shell_exec, system, passthru, proc_open, proc_close
    Set safemode=ON
    Set open_basedir to user's directory on virtualhost

    Would that be a secure environment for my users?
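
An audit of the checklist in post #1, as an added example that is not part of the thread: it checks a php.ini and a virtual host block for the settings the post lists (the directive is spelled `safe_mode` in php.ini). The sample files, the user `alice` and the function names are constructed for illustration, and Unix `:` path separators are assumed.

```python
import re

# Functions post #1 puts in disable_functions.
REQUIRED_DISABLED = {"ini_restore", "popen", "exec", "shell_exec", "system",
                     "passthru", "proc_open", "proc_close"}

def parse_php_ini(text):
    """Return {directive: value} from php.ini text; ';' starts a comment."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if "=" in line and not line.startswith("["):
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip().strip('"')
    return settings

def audit(php_ini, vhost):
    """Return findings; an empty list means the checklist from post #1 is met."""
    s, findings = parse_php_ini(php_ini), []
    if s.get("register_globals", "").lower() not in {"off", "0"}:
        findings.append("register_globals is not explicitly Off")
    if s.get("safe_mode", "").lower() not in {"on", "1"}:
        findings.append("safe_mode is not On")
    disabled = {f.strip() for f in s.get("disable_functions", "").split(",")}
    missing = sorted(REQUIRED_DISABLED - disabled)
    if missing:
        findings.append("disable_functions lacks: " + ", ".join(missing))
    # php_admin_value cannot be overridden from .htaccess or ini_set().
    m = re.search(r"^\s*php_admin_value\s+open_basedir\s+(\S+)", vhost, re.M | re.I)
    if not m:
        findings.append("vhost has no php_admin_value open_basedir")
    elif not all(p.endswith("/") for p in m.group(1).strip('"').split(":")):
        # Older PHP versions match open_basedir as a string prefix.
        findings.append("open_basedir path without trailing slash")
    return findings

# Constructed sample input (hypothetical user "alice"), not from the thread.
SAMPLE_INI = """\
register_globals = Off
safe_mode = On   ; directive name as spelled in php.ini
disable_functions = ini_restore, popen, exec, shell_exec, system, passthru
"""
SAMPLE_VHOST = """\
<VirtualHost *:80>
    php_admin_value open_basedir /home/alice
</VirtualHost>
"""
if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_INI, SAMPLE_VHOST)))
```

On the sample input it reports the two functions missing from `disable_functions` and the `open_basedir` path that lacks a trailing slash.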

  2. #2
    Join Date
    Nov 2004
    It's probably as secure as you'll get with mod_php, though no sane user would host with you with PHP restricted like that.

    Ultimately it's never secure unless you use phpsuexec/suexec. There are always ways to avoid open_basedir and safemode restrictions. There's no way to work around phpsuexec/suexec file permissions. Yes, there's a performance hit, but it's negligible on all but extremely heavily loaded servers.

  3. #3
    Join Date
    Feb 2003
    North Hollywood, CA
    Know your users, that's the main point.
    Remote Hands and Your Local Tech for the Los Angeles area.

    (310) 573-8050 - LinkedIn
