Date: Sat, 22 Jan 2011 02:41:48 +0100 From: "Terrence Koeman" <root@mediamonks.net> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Cc: Da Rock <freebsd-questions@herveybayaustralia.com.au> Subject: RE: no apache22, php5 cores Message-ID: <b63e3cdbcf2c5d4ea32f2ebc0395446b@mediamonks.com> In-Reply-To: <4D3A3135.70806@herveybayaustralia.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd- > questions@freebsd.org] On Behalf Of Da Rock > Sent: Saturday, January 22, 2011 02:22 > To: freebsd-questions@freebsd.org > Subject: Re: no apache22, php5 cores > [snip] > Apache will work with php, but some sites may be coded with it, so they > will simply show the code- careful with security! Better stop apache to > be sure until it works with php, OR comment out the sites using it. Afaik it's possible to protect yourself against this problem by configuring= Apache to refuse serving some types of files (.php, etc.) as static. This = provides a safeguard against serving up config files with passwords and wha= tnot. As I don't run Apache any longer I can't help with the details, but I remem= ber it being quite simple to accomplish. There's also a script floating around on the internet that will detect a ph= p load failure, send a mail about it, switch config files and start up apac= he without PHP and have it serve up a PHP load error page for all PHP reque= sts. -- Regards, T. Koeman, MTh/BSc/BPsy; Technical Monk MediaMonks B.V. (www.mediamonks.com) Please quote relevant replies in correspondence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b63e3cdbcf2c5d4ea32f2ebc0395446b>