Re: Many Virtual Hosts security problem with PHP

If you run php in safe mode and set your PHP open_basedir to the DocumentRoot for the domain, then they cannot open any files outside of that directory. In php.ini: safe_mode = on Then in your : php_admin_flag engine on php_admin_value open_basedir "/var/www/vhosts/domain.com/htdocs:/tmp" I

Re: Many Virtual Hosts security problem with PHP

> If you run php in safe mode and set your PHP open_basedir to the > DocumentRoot for the domain, then they cannot open any files outside of > that directory. In php.ini: > > safe_mode = on > > Then in your : > > php_admin_flag engine on > php_admin_value open_basedir "/var/www/vhosts/domain.com/

RE: Many Virtual Hosts security problem with PHP

You can also put other directives in section, like Addtypes for scripting and other file types. Override settings for .htaccess. Other php related settings.(includepath, sendmail from, upload tmp dir,..) errdoc,... Keep ftp root over www root, gives you a private space to have includefiles, tmp

RE: Many Virtual Hosts security problem with PHP

You can also put other directives in section, like Addtypes for scripting and other file types. Override settings for .htaccess. Other php related settings.(includepath, sendmail from, upload tmp dir,..) errdoc,... Keep ftp root over www root, gives you a private space to have includefiles, tm

Re: Many Virtual Hosts security problem with PHP

If you run php in safe mode and set your PHP open_basedir to the DocumentRoot for the domain, then they cannot open any files outside of that directory. In php.ini: safe_mode = on Then in your : php_admin_flag engine on php_admin_value open_basedir "/var/www/vhosts/domain.com/htdocs:/tmp" You

Many Virtual Hosts security problem with PHP

I have a machine with many virtual hosts. Some of the virtual hosts are maintained by clients (we serve as web hosting company) and some are internal. The external accounts are loked out of the main fylesystem using proftpd chroot feature and by having /dev/null as the shell. My problem is that eve

Re: Many Virtual Hosts security problem with PHP

If you run php in safe mode and set your PHP open_basedir to the DocumentRoot for the domain, then they cannot open any files outside of that directory. In php.ini: safe_mode = on Then in your : php_admin_flag engine on php_admin_value open_basedir "/var/www/vhosts/domain.com/htdocs:/tmp" You

Many Virtual Hosts security problem with PHP

I have a machine with many virtual hosts. Some of the virtual hosts are maintained by clients (we serve as web hosting company) and some are internal. The external accounts are loked out of the main fylesystem using proftpd chroot feature and by having /dev/null as the shell. My problem is that ev