PHP scripts are executed by the user who owns the VirtualHost serving the request.
Use Hardening Tools Like phpsuhosin
Remove Insecure Scripts
Apache directives like php_value are not valid for mod_suphp. It is possible to place a php.ini file in the
directory containing the PHP script and specify these types of values in it.
For PHP scripts to execute, permissions of 0400 are sufficient. Scripts are run as the user who owns the
VirtualHost, and as long as this user has permissions sufficient to write to a file/directory, PHP scripts will
also have the ability to do so. Mod_SuPHP performs various security checks before executing PHP scripts. Most can
be disabled in Mod_SuPHP configuration file located at /opt/suphp/etc/suphp.confPHP scripts are executed by the user who owns the VirtualHost serving the request.
Use Hardening Tools Like phpsuhosin
Remove Insecure Scripts
Apache directives like php_value are not valid for mod_suphp. It is possible to place a php.ini file in the
directory containing the PHP script and specify these types of values in it.
For PHP scripts to execute, permissions of 0400 are sufficient. Scripts are run as the user who owns the
VirtualHost, and as long as this user has permissions sufficient to write to a file/directory, PHP scripts will
also have the ability to do so. Mod_SuPHP performs various security checks before executing PHP scripts. Most can
be disabled in Mod_SuPHP configuration file located at /opt/suphp/etc/suphp.confPHP scripts are executed by the user who owns the VirtualHost serving the request.
Use Hardening Tools Like phpsuhosin
Remove Insecure Scripts
Apache directives like php_value are not valid for mod_suphp. It is possible to place a php.ini file in the
directory containing the PHP script and specify these types of values in it.
For PHP scripts to execute, permissions of 0400 are sufficient. Scripts are run as the user who owns the
VirtualHost, and as long as this user has permissions sufficient to write to a file/directory, PHP scripts will
also have the ability to do so. Mod_SuPHP performs various security checks before executing PHP scripts. Most can
be disabled in Mod_SuPHP configuration file located at /opt/suphp/etc/suphp.co
PHP scripts are executed by the user who owns the VirtualHost serving the request.
Use Hardening Tools Like phpsuhosin
Remove Insecure Scripts
Apache directives like php_value are not valid for mod_suphp. It is possible to place a php.ini file in the directory containing the PHP script and specify these types of values in it.
For PHP scripts to execute, permissions of 0400 are sufficient. Scripts are run as the user who owns the VirtualHost, and as long as this user has permissions sufficient to write to a file/directory, PHP scripts will also have the ability to do so.
Mod_SuPHP performs various security checks before executing PHP scripts. Most can be disabled in Mod_SuPHP configuration file located at /opt/suphp/etc/suphp.conf
No comments:
Post a Comment