[WEB SECURITY] Securing apache installation with PHP
Cedric Foll
cedric.foll at ac-rouen.fr
Thu May 19 07:15:27 EDT 2005
Hi,
I have to set up a new web server where many users would be able to put
PHP web pages.
I would like to harden my setup.
I've read these great articles http://www.securityfocus.com/infocus/1706
and http://www.securityfocus.com/infocus/1694.
I use all advices here and i'm going use mod_security.
What else can i do to protect my webserver ?
For exemple, there is disable_functions and disable_classes in php.ini.
What should I put there ?
Regards.
--
Cedric Foll
Ingénieur Sécurité & Réseaux
Division Informatique, Rectorat de Rouen
"He who joyfully marches to music in rank and file has already earned my
contempt. He has been given a large brain by mistake, since for him the
spinal cord would fully suffice."
Albert Einstein
---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/
More information about the websecurity
mailing list