Date: Tue, 20 Jan 2009 10:54:40 -0500 From: "Brian A. Seklecki" <bseklecki@collaborativefusion.com> To: Albert Thiel <athiel@yourdatacenter.com> Cc: freebsd-ports@freebsd.org Subject: Re: PHP question Message-ID: <1232466880.18865.49.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com> In-Reply-To: <bea64a2b5b724861a7376bce8307b0d2.athiel@yourdatacenter.com> References: <bea64a2b5b724861a7376bce8307b0d2.athiel@yourdatacenter.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-CERQWsr4pIj/z20BrTfp Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Wed, 2009-01-14 at 15:26 -0500, Albert Thiel wrote: > I am trying to figure out how to get a working Apache 2.x server with PHP= in a safe configuration (or=20 > as safe as possible based upon all the vulns). I do not need a database. >=20 > What version and options is my best bet. I have tried on my own but losi= ng it. Nothing I have tried=20 > works. =20 This is the wrong list of general PHP setup instructions. =20 PHP4 is dead. PHP5 is nearing beta1 of 5.3. Use 5.2.9 in the mean time. # cd /usr/ports/lang/php5 && make config && make install Modify your apache22 httpd.conf accordingly to activate the module. There are thousands of sites that explain the proces. Security with PHP involves writing code well, both in your application, and in the PHP engine -- as well as responsible administration: locking out insecure features in php.ini ~BAS=09 --=-CERQWsr4pIj/z20BrTfp Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEABECAAYFAkl188AACgkQCne6BNDQ+R+bfQCfYzpXZJ5rlnlhGDBJMTcEx3l0 skwAn0geqegL/0/quCHzZUOGCgRVIIvr =4ppA -----END PGP SIGNATURE----- --=-CERQWsr4pIj/z20BrTfp--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1232466880.18865.49.camel>