From owner-freebsd-ports@FreeBSD.ORG Tue Jan 20 16:21:22 2009 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F22D51065702 for ; Tue, 20 Jan 2009 16:21:22 +0000 (UTC) (envelope-from bseklecki@collaborativefusion.com) Received: from collaborativefusion.com (mx01.pub.collaborativefusion.com [206.210.89.201]) by mx1.freebsd.org (Postfix) with ESMTP id 4D94B8FC13 for ; Tue, 20 Jan 2009 16:21:21 +0000 (UTC) (envelope-from bseklecki@collaborativefusion.com) Received: from Internal Mail-Server by mx01 (envelope-from bseklecki@collaborativefusion.com) with SMTP; 20 Jan 2009 10:54:40 -0500 From: "Brian A. Seklecki" To: Albert Thiel In-Reply-To: References: Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-CERQWsr4pIj/z20BrTfp" Organization: Collaborative Fusion, Inc. Date: Tue, 20 Jan 2009 10:54:40 -0500 Message-Id: <1232466880.18865.49.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com> Mime-Version: 1.0 X-Mailer: Evolution 2.22.3.1 (2.22.3.1-1.fc9) Cc: freebsd-ports@freebsd.org Subject: Re: PHP question X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: bseklecki@collaborativefusion.com List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jan 2009 16:21:23 -0000 --=-CERQWsr4pIj/z20BrTfp Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Wed, 2009-01-14 at 15:26 -0500, Albert Thiel wrote: > I am trying to figure out how to get a working Apache 2.x server with PHP= in a safe configuration (or=20 > as safe as possible based upon all the vulns). I do not need a database. >=20 > What version and options is my best bet. I have tried on my own but losi= ng it. Nothing I have tried=20 > works. =20 This is the wrong list of general PHP setup instructions. =20 PHP4 is dead. PHP5 is nearing beta1 of 5.3. Use 5.2.9 in the mean time. # cd /usr/ports/lang/php5 && make config && make install Modify your apache22 httpd.conf accordingly to activate the module. There are thousands of sites that explain the proces. Security with PHP involves writing code well, both in your application, and in the PHP engine -- as well as responsible administration: locking out insecure features in php.ini ~BAS=09 --=-CERQWsr4pIj/z20BrTfp Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEABECAAYFAkl188AACgkQCne6BNDQ+R+bfQCfYzpXZJ5rlnlhGDBJMTcEx3l0 skwAn0geqegL/0/quCHzZUOGCgRVIIvr =4ppA -----END PGP SIGNATURE----- --=-CERQWsr4pIj/z20BrTfp--