Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.
The following page has been changed by jmcg: http://wiki.apache.org/httpd/ScratchPad/SecuringPHP New page: ## Please edit system and help pages ONLY in the moinmaster wiki! For more ## information, please see MoinMaster:MoinPagesEditorGroup. ##master-page:Unknown-Page ##master-date:Unknown-Date ##acl MoinPagesEditorGroup:read,write,delete,revert All:read #format wiki #language en == Securing a Multi-site PHP setup == ===== This is a working title. ===== Due to many requests of this kind #apache, I decided that repeatin myself is getting boring, so I will start writing down my approach to this and invite anybody who has experience in this field to extend this wiki page. === open_basedir === ==== Prerequisites ==== To seperate the single PHP sites I host, I use PHP's open_basedir apraoch. Due to the fact, that this directive is NOT respected by all functions, be it a design flaw, an exploit or third party libraries that simply ignore this setting, I recommend installing the [http://www.hardened-php.net/suhosin.127.html Suhosin Extension], which in the past has proven to be capable of holding against such flaws. As always it pays to consider well the directory structure of your sites. The structure I have chose looks as follows: {{{ /srv/web/domain.tld/ /srv/web/domain.tld/htdocs/ /srv/web/domain.tld/tmp/ /srv/web/domain.tld/sessions/ /srv/web/sub.domain.tld/ /srv/web/sub.domain.tld/htdocs/ /srv/web/sub.domain.tld/tmp/ /srv/web/sub.domain.tld/sessions/ /srv/web/otherdomain.tld/ /srv/web/otherdomain.tld/htdocs/ /srv/web/otherdomain.tld/tmp/ /srv/web/otherdomain.tld/sessions/ }}} ''/srv/web'' being the base of my installation, I chose to put every domain and every subdomain of those domains in it's own directory. Please note that this is a simple setup, serving as an idea an example -- not a reference installation. ''/srv/web/domain.tld/htdocs'' will be our [http://httpd.apache.org/docs/2.2/mod/core.html#documentroot DocumentRoot] ''tmp'' and ''sessions'' will be configured per vhost as directories for temporary uploads and sessions. Now let's have look at our config! === Example Configuration === {{{ <VirtualHost *:80> ServerAdmin [EMAIL PROTECTED] DocumentRoot /srv/web/domain.tld/htdocs ServerName domain.tld php_admin_value open_basedir /srv/web/domain.tld/ php_admin_value upload_tmp_dir /srv/web/domain.tld/ php_admin_value session.safe_path /srv/web/domain.tld/sessions/ <Directory /srv/web/domain.tld/htdocs> php_admin_flag engine on AllowOverride AuthConfig FileInfo Order allow,deny allow from all </Directory> </VirtualHost> }}} ==== Explanation ==== What is happening in this configuration? First of all we set our ''htdocs'' as the ''DocumentRoot'', set the ServerName and then we allow PHP to access this domain's basedirectory. The reason for this is that we need need to access ''tmp'' and ''sessions''. I have experienced that copy/move and other functions related to upload from ''tmp'' to ''htdocs'' will FAIL if you just specify a path in the style of ''/foo/bar:/baz''. Also note that ''open_basedir'' has a special feature, that searches for files or directories starting with ''bar'' if you specify a path of ''/foo/bar'' -- with no trailing slash. This piece of information is important if you host a wiki for instance, which uses diff or diff3, you will have to supply it in the open_basedir string. === Limitation === xxx
