Facebook
TwitterHi there,
we're in the process of migrating from 8.6 to 9.2.1. There are 2 major reasons for this, the first one is the distro no longer has security updates. The second one however is that it can now run PHP as fastcgi and this is the most important one for me. Mainly because I'm quite fed up with hacked joomla sites because users never update them. And with the access rights they normally need they get shell scripts installed and the kiddies can just browse the entire webserver (well not the entire server but atleast everything under /var/www/vhosts). Which is obviously very much unwanted, as they can read mysql passwords from config files etc.
Anyways, apparently you have a choice per domain. This is not really what I'm looking for (as far as I'm concerned entire server runs PHP as fastcgi, cgi and/or mod_php don't need to be options, they just allow for screw ups). I can set it in the template, so that should void 99% of it though.
Harder however are the existing domains. These all come over with mod_php. Been looking at the domain command, but this seems to only allow me to set PHP on or off, not what 'mode' it runs it in. This is also prevalent from the --info option on the domain. It doesn't output how it runs PHP just that it's enabled.
So I'm looking for a foolproof way to enable PHP as fastcgi on all existing domains easily (have to import 200 to 300). I can have a look at the database, probably just a flag and run the command to regenerate the httpd.conf and includes, but afraid that if I overlook something it will give issues later on or doesn't nicely update all the configs.
Any official ways of doing this? If I know what flags it are in the database tho' I can make a script to check the value on each domain every night so I can be alerted if one has it as something else than fastcgi.
TIA
we're in the process of migrating from 8.6 to 9.2.1. There are 2 major reasons for this, the first one is the distro no longer has security updates. The second one however is that it can now run PHP as fastcgi and this is the most important one for me. Mainly because I'm quite fed up with hacked joomla sites because users never update them. And with the access rights they normally need they get shell scripts installed and the kiddies can just browse the entire webserver (well not the entire server but atleast everything under /var/www/vhosts). Which is obviously very much unwanted, as they can read mysql passwords from config files etc.
Anyways, apparently you have a choice per domain. This is not really what I'm looking for (as far as I'm concerned entire server runs PHP as fastcgi, cgi and/or mod_php don't need to be options, they just allow for screw ups). I can set it in the template, so that should void 99% of it though.
Harder however are the existing domains. These all come over with mod_php. Been looking at the domain command, but this seems to only allow me to set PHP on or off, not what 'mode' it runs it in. This is also prevalent from the --info option on the domain. It doesn't output how it runs PHP just that it's enabled.
So I'm looking for a foolproof way to enable PHP as fastcgi on all existing domains easily (have to import 200 to 300). I can have a look at the database, probably just a flag and run the command to regenerate the httpd.conf and includes, but afraid that if I overlook something it will give issues later on or doesn't nicely update all the configs.
Any official ways of doing this? If I know what flags it are in the database tho' I can make a script to check the value on each domain every night so I can be alerted if one has it as something else than fastcgi.
TIA
