[CentOS] Apache Security
David Hrbáč
hrbac.conf at seznam.czSun Jul 9 11:57:42 UTC 2006
- Previous message: [CentOS] Apache Security
- Next message: [CentOS] Re: dell-lnx-pe] Re: RHEL4 vs CentOS-4
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mike napsal(a): > Some suggestions: > (Already mentioned) Keep php scripts up to date! This is paramount > (Already mentioned) mount /tmp on loop with noexec > (Already mentioned) php.ini: allow_url_fopen = off > (Already mentioned) Learn how to use mod_security effectively > (Already mentioned) Block outbound tcp/80 with iptables/etc > (Already mentioned) SELinux can provide more fine grain control over > - "who" can do "what" > (Already mentioned) Use UNIX permissions to restrict access to > - wget/curl/ncftp/lynx/etc > > Additional: > php.ini: disable_functions = system,exec,passthru,shell_exec,pcntl_exec > For php 4.x I would add also safe_mode=On. sed -i 's/safe_mode = Off/safe_mode = On/' /etc/php.ini David Hrbáč
- Previous message: [CentOS] Apache Security
- Next message: [CentOS] Re: dell-lnx-pe] Re: RHEL4 vs CentOS-4
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list