Eric, I am in the beginning of the same process. I do php, unfortunately our company has just made a large investment in an ASP/MSSQL based directory. I will be building a content management system and moving site from static to database driven (www.insurancejournal.com). I'd love to share tips on how to do this most effectively. I have heard that the most recent build is much more stable as ISAPI module so that's what I'll be trying - another issue I need to sort out is how to keep url's search engine friendly - ie. website.com/news/article_id/123
I will be using the latest php build from this site. I think that this will probablybe much better configured than whatever I would come up with. http://www.php4win.com Later, Josh --- Eric Gentry <[EMAIL PROTECTED]> wrote: > I have looked at the tool already, and it doesn't > reference security for > any issues with php. > > I know what to do to the IIS server to secure it, my > concern is over the > addition of the php module and how it effects the > security of the > system. > > -----Original Message----- > From: Robin Bolton [mailto:[EMAIL PROTECTED]] > Sent: Monday, April 01, 2002 10:52 AM > To: Eric Gentry; [EMAIL PROTECTED] > Subject: RE: [PHP-WIN] Configuring securely in IIS5 > > > A good place to start may be the IIS Lockdown Tool: > > http://www.microsoft.com/WINDOWS2000/downloads/recommended/iislockdown/d > efau > lt.asp > > > -----Original Message----- > From: Eric Gentry > [mailto:[EMAIL PROTECTED]] > Sent: Monday, April 01, 2002 8:15 AM > To: [EMAIL PROTECTED] > Subject: [PHP-WIN] Configuring securely in IIS5 > > > I have been able to install php and get it running > on our test server > running IIS5. Everything is going fine, but now I am > beginning to ponder > the question, how do I secure this when it goes > live? > > I have read through the installation documentation, > and read the > security chapter of the php manual that I downloaded > from the php.net > website. > > Various queries to Google have been unproductive, so > I thought I may > check here. > > Now, I am not talking about script internals > security (that will be > handled more by our development team), just mainly > how to configure php > on the server so that I don't have people tearing > the darn thing down > when this site goes live. We are using the ISAPI > module. > > I have seen numerous tidbits on Apache, but we are > going to be using > IIS. > > Can anyone point me to a book, FAQ, examples, > anything to set me on the > way? > > Thanks a ton > > > > -- > PHP Windows Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > > -- > PHP Windows Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > __________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
