No offence, but chances are that no-one is answering because it's not a PHP related question. My advice to you is to read the faq's at apache.org (the correct address you need is http://httpd.apache.org/docs/misc/FAQ.html specifically section E) and set up apache securely first (which is not too difficult, by default, apache only gives people read access to everything within the htdocs folder and nothing else) and once you've done that, install PHP on top of it. You'll find that PHP makes little or no difference to the security of your web-server. Reading your email a bit more thoroughly it seems that you want to host several websites from one machine, yes? In which case, you want to use the Virtual Hosts functions of Apache, see http://httpd.apache.org/docs/vhosts/ for further details.
Anyway, good luck. Oh and another link I just found is the support web-ring for apache: http://p.webring.com/navcgi?ring=apachesupport;list Have fun! :) Ross -----Original Message----- From: Tim Mackenzie [mailto:[EMAIL PROTECTED]] Sent: 02 April 2002 16:47 To: [EMAIL PROTECTED] Subject: [PHP-WIN] Re: Security using Apache & Windows No one can help?! Please, please, please... "Tim Mackenzie" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I'm running W2K with Apache and PHP4. I'm going to be hosting a number of > websites that I would like to provide PHP support for. What I don't want is > them to be able to access my entire file system. They should, at most, be > only allowed read/write access to their site folder. How do I go about > doing this? I've looked around, but I haven't found something that > addresses this. I know there's the basedir value (I think that's it), but I > don't understand how to use it. Could somebody (several people) please post > any tips they have for securing the file system of a web server. Thanks! > > -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
