Hi Till, thnx.
With FastCGI, the install is fine. There are other reasons for needing to use Mod-PHP.
I am not satisfied with site specific settings, because from the site owners' point of view, they are global settings. I need the option of being able to loosen up the security on certain folders only, not the whole site.
I use register_globals ON for a forked version of an OS web app (located in a sub-folder of the webroot folder) through .htaccess.
Is this making my whole site at higher risk? I think it's only that app. that can be attacked with register_globals type exploits.
That script has been on a live site for 6 years now without being hacked, so I'm not concerned about it. I have more urgent things to do at the moment (check my postings concerning pure-ftp/TSL issues).
Is there something I've misunderstood here about PHP?
My VPS system:
(Ubuntu 14.04 LTS, Kernel 3.15.4-x86_64, Apache 2.4.7, MySQL 5.5.38, PHP 5.5.9, ISPConfig 220.127.116.11p5, Webmin, PureFTP & Quota, phpMyAdmin, postfix, dovecot, amavis, clamav, spamassassin, awstats, fail2ban, Jailkit, bind9, vlogger, webalizer)