php as a module and open_basedir security implications?

Discussion in 'Server Operation' started by meridianblade, Dec 13, 2006.

  1. meridianblade

    meridianblade New Member

    Alright I have the other post about fastCGI, but I was wondering about this approach as it seems a whole lot easier.
    So if I run php as a apache module with open_basedir enabled on each account on my server then changed everyone's files nobody nobody which I assume allows php to access them. Also, all directories and files are 755 and 644 respectively and I haven't had any issues with php or my Joomla CMS not being able to write to a directory or file since the chown and chgrp to nobody command was done.

    Is this dangerous? What else should I look at securing? CGI was incredibly slow (also breaks eaccelerator) and was overloading my server last night because I regularly spike over 150 users at any given moment and that ='s bad on a uncached dynamic page. I cant seem to figure out fastCGI either so that's not an option right now.

    Thanks :)

Share This Page