Hello.
I want to secure my Apache/PHP environment without :
- safe_mode
- suphp / suexec
So, I found this : http://mpm-itk.sesse.net/ In this page, we can see
that a FreeBSD port exists, but I can't find it. What do you thinh about
it? This tool seems to be good.
Which Apache version do you
Le Thu, 9 Jul 2009 13:18:39 +0300,
Reko Turja reko.tu...@liukuma.net a écrit :
I want to secure my Apache/PHP environment...
Full suhosin, both patch and mod for the PHP. IIRC suhosin patch is
optional in PHP port and the mod can be installed via ports.
(http://www.hardened-php.net
I want to secure my Apache/PHP environment...
Full suhosin, both patch and mod for the PHP. IIRC suhosin patch is
optional in PHP port and the mod can be installed via ports.
(http://www.hardened-php.net/suhosin/index.html)
Apache environment and binaries set up in a jail.
Which Apache
it helps,
best regards,
Julien
On Thu, 2009-07-09 at 12:22 +0200, Nicolas Letellier wrote:
Le Thu, 9 Jul 2009 13:18:39 +0300,
Reko Turja reko.tu...@liukuma.net a écrit :
I want to secure my Apache/PHP environment...
Full suhosin, both patch and mod for the PHP. IIRC suhosin patch
...@liukuma.net a écrit :
I want to secure my Apache/PHP environment...
Full suhosin, both patch and mod for the PHP. IIRC suhosin patch
is optional in PHP port and the mod can be installed via ports.
(http://www.hardened-php.net/suhosin/index.html)
Apache environment and binaries
On Thu, 2009-07-09 at 12:22 +0200, Nicolas Letellier wrote:
Le Thu, 9 Jul 2009 13:18:39 +0300,
Reko Turja reko.tu...@liukuma.net a écrit :
I want to secure my Apache/PHP environment...
Full suhosin, both patch and mod for the PHP. IIRC suhosin patch
is optional in PHP
Le Thu, 09 Jul 2009 14:36:11 +0200,
Julien Cigar jci...@ulb.ac.be a écrit :
When I tested php in cgi, performances were bad. That's why,
php_mod is better (in my case !=
It's not CGI, it's FastCGI.
There is no performance loss if you use an opcode cacher (like
x-cache).
And is
Just build www/apache22 with WITH_MPM=itk and you'll have it. :)
Then add something like this in each vhost:
IfModule mpm_itk_module
AssignUserId my_user my_group
/IfModule
Nicolas Letellier wrote:
Le Thu, 09 Jul 2009 14:36:11 +0200,
Julien Cigar jci...@ulb.ac.be a écrit :
When I
Hi,
I'm currently using mpm-itk (on debian, but should be replaced with
freebsd soon ;-)).
I'm quite happy with the solution as it's easy to setup many user
accounts for web without ugly access right stuff and all that. apache
never made a problem after setup :-)
unfortunately I've never had