Server Attacked!!!

Discussion in 'General' started by alexillsley, Mar 18, 2007.

  1. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    Im just confusing myself:confused: So there is not away to stop mail for speicfic sites though you can set any sites with safemode on to have the mail function disabled? Is this correct?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Please try waht I recommended a few posts above. vogelor is not saying that it wont work, he just emntioned that the function I had in mind will work with- and without safemode enabled.
     
  3. vogelor

    vogelor ISPConfig Developer ISPConfig Developer

    the "name" of the entry is

    disable_functions

    just google:

    "php disable-functions"

    and you find what you need
     
  4. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    Yea , i know i was just wondering how to specify which sites could and couldnt use it, as that globally disables it
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats what I posted above :) You can set this value in the apache directives field of a website in ISPConfig like this:

    php_admin_value disable-functions 'function1 function2 function2'

    (I've notchecked syntax, please have a look at the php manual).
     
  6. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    If all i have to is add php_admin_value then php option then thats great:)

    Also is there anyway to prevent emails being sent from perl?
     
  7. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    Hi,
    Also another question, how do you clear the dns cache? and how can i stop requests to my dns server that are for domains my server doesnt own
    Thanks,
    Alex
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Please make a new thraeds for a new question.
     
  9. vogelor

    vogelor ISPConfig Developer ISPConfig Developer

    i just want to notice, that i think, you must keep in mind, that there are persons who use suphp to call php-cgi (like i do!). this has the advantage to increase the safety of the server but has the disadvantage that sich entrys inside the vhosts will not work.

    (i just wanted to say this, because i think in this forum everyone says "use php_admin_xxx" and nobody things about suphp :D
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, you're right :) For SuPHP you will have to use a custom php.ini file.
     
  11. vogelor

    vogelor ISPConfig Developer ISPConfig Developer

    @till

    maybe you like to hear that i made this by a little patch (maybe you will implement this in future versions ;-)

    --- my documentation (sorry in german) ---
    Datei root/ispconfig/scripts/lib/config.lib.php "patchen"
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    nach $php suchen. Irgendwo steht dann "$php .= suPHP_AddHandler ...." danach folgende Zeile einfügen:
    --- cut ---
    $php .= "suPHP_ConfigPath " . $mod->system->server_conf["server_path_httpd_root"] . "/web" . $web["doc_id"] . "/etc/php\n";
    --- cut ---
    Diese Zeile wird benötigt, um pro VHost (http _UND_ https!!!) eine EIGENE Config-Datei für PHP zu erhalten.
    --- end ---

    this patch adds a individual php.ini for every web. the TRICK is, that i have a global php.ini for ALL settings except 3 or 4 (memory, mysql connections basedir and so on). the INDIVIDUAL php.ini just only has this 3-4 entries. so i can change the global settings in the global php.ini and the individual settings in this "mini-ini"
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    Does suphp even work when there is no php.ini in this folder at all or must there at least a empty file?
     
  13. vogelor

    vogelor ISPConfig Developer ISPConfig Developer

    it works without the php.ini file. if there is no file there, the default-values are used.

    (but it may be a good idea to let ispconfig create a "empty" file with openpasedir=web<x> and phptempdir=web<x> so that the temporary session-files are separated from each other.

    here is MY php.ini (one of then)

    --- CUT ---
    ; web-professional

    PHP:

    muv Aenderungen
    max_execution_time 
    18     Maximum execution time of each scriptin seconds
    memory_limit 
    35M          Maximum amount of memory a script may consume (16MB)

    mysql.max_links 40        Maximum links (persistent non persistent)
    mysqli.max_links 40       Maximum links (persistent non persistent)

    open_basedir      = /var/www/web[x]
    upload_tmp_dir    = /var/www/web[x]/phptmp
    session
    .save_path = /var/www/web[x]/phptmp

    --- CUT ---
     

Share This Page