I have a server where php is running as an apache module. Every user on the server is restricted to his own directory with open_basedir. I have disabled the following functions: disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_multi_exec,parse_ini_file,show_source Now I’d like to forbid custom php config settings, such as: memory_limit max_execution_time max_input_time post_max_size upload_max_filesize How would you go about it? ty Asked by wlf You can use the php_admin_value and php_admin_flag directives to hard code the values into your [...]Continue Reading »
Based on many online sources, in serving static files, Apache2 will create new thread on every different connection… results in resource hungry But how about serving PHP through Apache2 (mod_php, MPM worker, etc)? Does apache will also open new thread like serving static files? (AFAIK, in nginx php-fpm, we can set the max thread, but I dont know how many connection per thread) I’m planning to use Apache2 in serving PHP, and hope it will [...]Continue Reading »
I’m trying out mod_spdy and I’ve run into a problem – it seems to be incompatible with AJAX requests and mod_php as in this: https://www.modspdy.com/blog/2012/04/15/using-mod_spdy-with-php/ The solution seems to be to run php scripts through fastCGI. Now my first question is, why is that? Is there maybe some sort of a workaround? Is this incompatibility just temporary? I would not want to switch the whole production server to fastCGI just because of this. What would [...]Continue Reading »
It was recently suggested to me that I use FastCGI with PHP. Now I went to the FastCGI page and read it but I don’t really understand what the advantages are. Using mod_php each Apache worker has the entire PHP interpreter loaded into it. Because Apache needs one worker process per incoming request, you can quickly end up with hundreds of Apache workers in use, each with their own PHP interpreter loaded, consuming huge amounts [...]Continue Reading »
I run a server with some PHP-powered forums (Vanilla 1.1.5a) on it, and I’ve recently noticed posts going out of order on them. Some digging revealed that Apache seems to be changing the current timezone back and forth from +0000 to -0500 on a request without apparent pattern, which can be seen in log entries like these: 188.8.131.52 – - [15/Jun/2009:22:40:05 +0000] “GET /extensions/MembersList/library/paginate.js HTTP/1.1″ 200 22880 “http://mysite.com/” “Mozilla/5.0 (Macintosh; U; Intel Mac OS X [...]Continue Reading »
Need to determine how php files are being rendered in a LAMP configuration (CGI, FastCGI, or mod-php)
How do I determine how our php files are being rendered in a simple LAMP configuration? phpinfo shows: — Configure Command — –enable-force-cgi-redirect –enable-fastcgi– Server API — CGI/FastCGI– cgi-fcgi — Directive Local Value Master Value cgi.check_shebang_line 1 1 cgi.fix_pathinfo 1 1 cgi.force_redirect 1 1 cgi.nph 0 0 cgi.redirect_status_env no value no value cgi.rfc2616_headers 0 0 fastcgi.logging 1 1 The phpinfo should really give you all the infomration you require regarding your current PHP implementation. It [...]Continue Reading »
One of our older legacy servers which gets no further updates or reconfigurations suddenly stopped resolving hostnames to IPs when PHP is executed within Apache. However, it still works fine when executed from the CLI. From the RSS caches last modification time, I deduce that it stopped working on around Mar, 28th. To reproduce the problem, I created a script using fsockopen() and it said “connection failed (errno 2)”. I further reduced the problem to [...]Continue Reading »
From Ubuntu’s package libary, I find the two modules I need. However: mod-perl2 requires apache2-mpm-worker mod-php5 requires apache2-mpm-prefork The two apache modules are mutually exclusive and ask me to un-install the other in order to install each. Which means I can’t get a server running with both mod-perl2 and mod-php5. Any help greatly appreciated. According to the package listings (here and here) both should work with mpm-perfork. Does the package managemer complain if you try [...]Continue Reading »
I have been investigating the differences between Apache and Nginx recently and am confused about which I should choose. I have done some searching but there is no definitive comparison between the two and I was wondering if someone here could give their views on the differences between the two. My current knowledge allows me to understand that mod_php is faster and more secure than fastcgi however Apache is much worse when it comes to [...]Continue Reading »
We have a company server with a variety of websites. They are maintained by different people from within our company. All websites are public. The server access is limited to our company only. This is NOT a shared hosting environment. We are looking into securing the server, currently analyzing the risk related to permissions of files. We feel the highest risk is when files are uploaded and then opened/executed by the public. This should not [...]Continue Reading »
- Understanding redundant power supplies
- Is there a way for administrators to disable users from installing Firefox extensions?
- Is there research material on NTP accuracy available?
- How to create a limited “domain admin” that does not have access to domain controllers?
- Can Windows RDC admin users be immune from being kicked?