• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Switch from mod_php to php as cgi

P

popminister

Guest
It seems to be impossible to setup a secure mod_php environment because of some famous php-scripts which won't run with secure settings.

You can put the scripts into the open_basedir jail but if you don't use the option to disable functions like exec() or system() users still can browse through foreign directories. This is because of the fact that all scripts run from the same user account e.g. apache which has got the rights to access all users web directories.

So at the moment it seems for me to be the best solution to switch back to the cgi solution like it was used in confixx, which was my last controlpanel software.

The cgi-solution makes it impossible to run the scripts with the rights of the webuser and so the users can't access foreign directories.

But the question is: How can this be done with plesk? I need to modify the entries which plesk adds to all virtual host directives it writes into /etc/httpd/httpd.include.

Any ideas?

Thanks in advance

Popminister
 
There seem to be some other ideas on how to make php run secure in shared hosting environments:

Look here

But none of them is already advised to be ran in production environments.

Has anybody some better ideas or a solution?
 
Back
Top