From owner-freebsd-questions@FreeBSD.ORG Sat Jan 22 01:40:48 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 69AA8106566C for ; Sat, 22 Jan 2011 01:40:48 +0000 (UTC) (envelope-from root@mediamonks.net) Received: from mail.mediamonks.net (mail.mediamonks.net [217.195.117.200]) by mx1.freebsd.org (Postfix) with ESMTP id 084488FC13 for ; Sat, 22 Jan 2011 01:40:47 +0000 (UTC) X-CGP-Sophos: Scanned and found clean X-Abuse-Info: Send abuse reports about this email to abuse@mediamonks.net Received: from [217.195.122.32] (account terrence@mediamonks.com) by mail.mediamonks.net (CommuniGate Pro IMAP 5.4c1) with XMIT id 6721280; Sat, 22 Jan 2011 02:40:45 +0100 Date: Sat, 22 Jan 2011 02:41:48 +0100 Organization: MediaMonks B.V. Message-Id: In-Reply-To: <4D3A3135.70806@herveybayaustralia.com.au> MIME-Version: 1.0 Thread-Topic: no apache22, php5 cores Priority: Normal Importance: normal X-MSMail-Priority: normal X-Priority: 3 Sensitivity: Normal Thread-Index: Acu51YjTuFslyK3zR0uQs8Q5TWsuiQ== From: "Terrence Koeman" To: "freebsd-questions@freebsd.org" X-Mailer: CommuniGate Pro MAPI Connector 1.52.53.1/1.53.11.1 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Cc: Da Rock Subject: RE: no apache22, php5 cores X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Jan 2011 01:40:48 -0000 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd- > questions@freebsd.org] On Behalf Of Da Rock > Sent: Saturday, January 22, 2011 02:22 > To: freebsd-questions@freebsd.org > Subject: Re: no apache22, php5 cores > [snip] > Apache will work with php, but some sites may be coded with it, so they > will simply show the code- careful with security! Better stop apache to > be sure until it works with php, OR comment out the sites using it. Afaik it's possible to protect yourself against this problem by configuring= Apache to refuse serving some types of files (.php, etc.) as static. This = provides a safeguard against serving up config files with passwords and wha= tnot. As I don't run Apache any longer I can't help with the details, but I remem= ber it being quite simple to accomplish. There's also a script floating around on the internet that will detect a ph= p load failure, send a mail about it, switch config files and start up apac= he without PHP and have it serve up a PHP load error page for all PHP reque= sts. -- Regards, T. Koeman, MTh/BSc/BPsy; Technical Monk MediaMonks B.V. (www.mediamonks.com) Please quote relevant replies in correspondence.