how can I supply php security for my server?

Discussion in 'General' started by arastirici, Sep 11, 2008.

  1. arastirici

    arastirici New Member

    I use ispconfig2.2.25. I install opensuse11 via http://www.howtoforge.com/perfect-server-opensuse11.

    I am novice at php.
    I set Safemode as On and open_base as vhost's directory.

    I configured a virtualhost on ispconfig.
    I can read any folder which located in different directory from my vhost's directory, with php script on that website.
    I think, my security is problem. Vhost's user is even restricted php can see anywhere.

    How can I do correct that ?

    Thanks
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    For example by using suphp with an specific and very restricted php.ini for every vhost were you disable functions like exec, system etc.
     
  3. arastirici

    arastirici New Member

    How can I install suphp on Suse11 without problem?

    How can I install suphp on Suse11 without problem?

    is there an instruction about that ?

    thanks.
     
  4. edge

    edge Active Member Moderator

  5. arastirici

    arastirici New Member

    I couldn't run apache2 with suphp

    Hello

    Actually I had seen the installation link and I installed according to that on Suse11.

    But that page explains suphp according to suse10.3 and some linux systems.

    For instance, I couldn't install suphp with "yast -i suphp" I had to install as manual like been explained in other linux systems.
    It told "In that file we comment out everything:" in /etc/apache2/conf.d/mod_suphp.conf. But There was any folder called mod_suphp.conf in /etc/apache2/conf.d directory after installed suphp.

    I run SuSEconfig without problem. and then T tried to restart apache2.
    And I got an error like ;
    # /etc/init.d/apache2 restart
    Syntax error on line 50 of /etc/apache2/vhosts/Vhosts_ispconfig.conf:
    Invalid command 'php_admin_flag', perhaps misspelled or defined by a module not included in the server configuration
    Because, as I removed php5 module in Apachemodules.
    The instruction explains so for suse10.3.
    I readded php5 with suphp in apachemodules.
    This time I managed to restart apache2 without problem.
    I edited "vi /home/admispconfig/ispconfig/lib/config.inc.php"
    I set suphp that place.
    I login ispconfig panel as admin
    I add new site.
    it creates as Vhosts_ispconfig.conf_14-09-08_00-13-34 as;
    ...
    <Directory /www1/web27/web>
    suPHP_Engine on
    suPHP_UserGroup web27_tt web27
    AddHandler x-httpd-php .php .php3 .php4 .php5
    suPHP_AddHandler x-httpd-php
    SetEnv php_safe_mode On
    </Directory>
    ..
    but it didn't replace Vhosts_ispconfig.conf it.

    I moved that file as Vhosts_ispconfig.conf
    I couldn't restart apache2
    I got an error;
    php:/etc/apache2/vhosts # /etc/init.d/apache2 restart
    Syntax error on line 36 of /etc/apache2/vhosts/Vhosts_ispconfig.conf:
    Invalid command 'suPHP_UserGroup', perhaps misspelled or defined by a module not included in the server configuration


    What 's the problem?
    How can I install suphp on suse11?

    Thanks
     
  6. falko

    falko Super Moderator ISPConfig Developer

    Did you try to search fir a suphp package with yast?
     
  7. arastirici

    arastirici New Member

    I don't know what you said that "try to search fir a suphp package with yast"

    I tried to install suphp with "yast -i" or "yast2 -i".
    But the yast couldn't suphp. I had to download suphp and I installed it manually. "Namely ./configure ...... make make install"
     
  8. falko

    falko Super Moderator ISPConfig Developer

    Run
    Code:
    yast
    , and then in the yast interface, you can search for packages.
     

Share This Page