Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Old 13th December 2006, 23:33
meridianblade meridianblade is offline
Junior Member
Join Date: Dec 2006
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default php as a module and open_basedir security implications?

Alright I have the other post about fastCGI, but I was wondering about this approach as it seems a whole lot easier.
So if I run php as a apache module with open_basedir enabled on each account on my server then changed everyone's files nobody nobody which I assume allows php to access them. Also, all directories and files are 755 and 644 respectively and I haven't had any issues with php or my Joomla CMS not being able to write to a directory or file since the chown and chgrp to nobody command was done.

Is this dangerous? What else should I look at securing? CGI was incredibly slow (also breaks eaccelerator) and was overloading my server last night because I regularly spike over 150 users at any given moment and that ='s bad on a uncached dynamic page. I cant seem to figure out fastCGI either so that's not an option right now.

Thanks :-)
Reply With Quote
Sponsored Links


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 16:19.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.