Apart from those settings, jailing php just like nginx as we do with 'Install_nginx_php_services.zip' and following its advice about further jailing, there is only one thing you could do and that's create more php jailed users, one for each instance and jailing them to their environment (www.sitea.nl using a different jailed upstream then www.sitab.nl).
Following these 'basic' recommendations, which are no different then you would do on linux, I have yet to see after millions of attacks anyone breaking through. Here on our clusters we see more then 1 million attacks each month. Stupid configurations, programming without thinking, ignorance, are of course excluded. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,254701,254702#msg-254702 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
