Patrick Donker wrote:
Guys,
What is the best way, security wise, to host cgi, perl or php scripts?
Should I start using a jail or are there other ways to keep my server
from being a worm or spam platform. Links to howtos or other threads
are most welcomed.
Thanks
-Patrick
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
What exactly do you mean by hosting your scripts? Are you referring to
where to put them on your server, physically, in relation to your
DOCUMENT_ROOT?
Also, if the script is going to be useful, it's going to be accessible
from the web, so it doesn't really matter where you host them on your
server, as they'll all be equally visible in order to be executable.
Lastly, some of these scripting engines, such as PHP, have a "safe mode"
feature that helps to prevent common exploits, but that is only
effective if you are running an unsafe setup in the first place, and
moreover, is oftentimes very restrictive to most scripts.
Let us know some of these details, and maybe we can help out some more.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
