From: Verdon V. <ve...@ve...> - 2007-05-04 11:47:09
On 4-May-07, at 2:55 AM, Shaun Murray wrote:

> On 3 May 2007, at 23:18, Tuc at T-B-O-H.NET wrote:
>
>>>> I'm trying to run under CGIWRAP for Php, which is forcing me to
>>>> run via the command line. In doing so, I really can't seem to get
>>>> too far on this.
>>>
>>> My lack of response is due to my inexperience with running php in
>>> cgi mode. Should anyone have insight what can be changed to enable the
>>> script in this environment, I'd be happy to make the changes.
>>
>> I'm being told from the CGIWRAP people that it should "WORK",
>> but when I post my CGIWRAP config, I get a deafening silence.......
>>
>> What are others using for PHP security?
>
> I've used phpsuexec in the past which runs PHP as a CGI. It's common
> on cPanel based servers. Mostly I don't though. It's too restrictive.
> It doesn't force you to use the commandline though from what I
> remember of it.
>
> For the types of attacks I get I find mod_security, a decent firewall
> and a couple of changes to my mail server are enough to work with.
> More work for me perhaps but less restrictions on my users, namely
> not having .htaccess use, which is the biggest restriction with
> phpsuexec and most of the cgi methods.
>
> I know most of my users too and watch any new users I don't.

I'm in the same boat as Shaun and use pretty much the same setup. I do know from much forum trawling that when using php in cgi mode that file ownership and permissions are even more critical than otherwise. Could that be the cause of some of the trouble you're having? I believe the files must be owned by the user running the php-cgi as well as having the executable bit set, and that folders you might normally have set to user:webserver and 775 need to be user:user 755.

verdon
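One way to audit a document root for the conditions described in this message (everything owned by the account php-cgi runs as, scripts executable by the owner, nothing group- or world-writable). This is an added example, not code from the thread; the function name `audit_cgi_perms`, the finding labels and the `*.php` file pattern are assumptions.

```shell
#!/bin/sh
# audit_cgi_perms DOCROOT OWNER
#   DOCROOT  directory tree served through the CGI wrapper
#   OWNER    user name or numeric uid that php-cgi runs as
# Prints one "LABEL path" line per finding.
# Returns 0 when the tree is clean, 1 when there are findings, 2 on bad input.
audit_cgi_perms() {
    docroot=$1
    owner=$2
    if [ ! -d "$docroot" ]; then
        echo "not a directory: $docroot" >&2
        return 2
    fi

    findings=$(
        # Files or directories owned by anyone other than the CGI user.
        find "$docroot" ! -user "$owner" -print | sed 's/^/WRONG_OWNER /'

        # Group- or world-writable entries, e.g. directories left at 775.
        # Symlinks are skipped because their own mode bits are meaningless.
        find "$docroot" \( -type f -o -type d \) \
             \( -perm -020 -o -perm -002 \) -print |
            sed 's/^/GROUP_OR_WORLD_WRITABLE /'

        # PHP scripts whose owner-executable bit is not set.
        find "$docroot" -type f -name '*.php' ! -perm -100 -print |
            sed 's/^/NOT_EXECUTABLE /'
    )

    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Run directly as: sh audit.sh /path/to/docroot username
if [ "$#" -ge 2 ]; then
    audit_cgi_perms "$1" "$2"
fi
```
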