#1
Registered User
Join Date: Apr 2007
Location: UK
Posts: 2,510

What is everybody's opinion of the best security to use on a PHP site?
I hear Sentinel is quite good!

#2
Registered User
Join Date: Jul 2005
Posts: 3,606

I actually prefer Suhosin, as Stefan Esser is the developer of the extension and was an active developer on the PHP team prior to him leaving due to PHP's lackadaisical approach to security.

#3
Nerd, Geek, Freak
Join Date: Sep 2005
Location: Finland
Posts: 703

#4
Registered User
Join Date: Apr 2007
Location: UK
Posts: 2,510

#5
*BANNED*
Join Date: Sep 2006
Posts: 427

.

#6
Join Date: Mar 2007
Posts: 183

I run Suhosin and suPHP with a good set of mod_security rules... suPHP is the important thing though: it makes PHP run as the user who owns the files, not nobody (mod_php), which makes tracking spam/exploits easier.

#7
Registered User
Join Date: Jul 2005
Posts: 3,606

I wanted to add mod_chroot as an option as well for a layered security approach. If the webserver is compromised, the system won't be if there's a properly chrooted environment.
One thing to note: PHP's mail() function depends on sendmail and/or another binary. The system() and other shell functions depend on a working shell. I statically compiled mini_sendmail for the chrooted environment. I also use busybox-static from the repos, hardlinked into the chrooted environment.
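
The chroot dependency point in post #7, as an added example that is not part of the original thread: this Python check reads each binary's ELF `PT_INTERP` header to tell whether a file placed in the jail is static or asks for a dynamic loader that is absent there. The jail layout, the paths checked and the ELF images built in `demo()` are constructed for illustration.

```python
import struct
import tempfile
from pathlib import Path

PT_INTERP = 3  # ELF program-header type that names the dynamic loader

def elf_interp(path):
    """Return the loader an ELF file requests, or None if statically linked."""
    data = Path(path).read_bytes()
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    e = "<" if data[5] == 1 else ">"  # EI_DATA: 1 means little-endian
    w, phoff_at, phent_at, poff_at, psz_at = (  # ELF64 if EI_CLASS == 2, else ELF32
        ("Q", 0x20, 0x36, 8, 32) if data[4] == 2 else ("I", 0x1C, 0x2A, 4, 16))
    phoff, = struct.unpack_from(e + w, data, phoff_at)
    phentsize, phnum = struct.unpack_from(e + "HH", data, phent_at)
    for i in range(phnum):
        base = phoff + i * phentsize
        if struct.unpack_from(e + "I", data, base)[0] == PT_INTERP:
            off, = struct.unpack_from(e + w, data, base + poff_at)
            size, = struct.unpack_from(e + w, data, base + psz_at)
            return data[off:off + size].rstrip(b"\0").decode()
    return None

def classify(jail, rel):
    """Status of one jail-relative binary (loader only; libraries not resolved)."""
    try:
        interp = elf_interp(Path(jail, rel.lstrip("/")))
    except OSError:
        return "missing"
    except (ValueError, IndexError, struct.error):
        return "not-elf"  # e.g. a script; its interpreter must be in the jail too
    if interp is None:
        return "static"
    found = Path(jail, interp.lstrip("/")).exists()
    return "dynamic" if found else "loader-missing:" + interp

def demo():
    """Constructed jail: a static sh, and a sendmail whose loader is absent."""
    hdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHH6x", 2, 62, 1, 0, 64, 0, 0, 64, 56, 1)
    ld = b"/lib64/ld-linux-x86-64.so.2\0"
    dyn = hdr + struct.pack("<IIQQQQQQ", PT_INTERP, 4, 120, 0, 0, len(ld), len(ld), 1) + ld
    static = hdr + struct.pack("<IIQQQQQQ", 1, 5, 0, 0, 0, 0, 0, 1)  # one PT_LOAD
    with tempfile.TemporaryDirectory() as root:
        for rel, image in (("bin/sh", static), ("usr/sbin/sendmail", dyn)):
            Path(root, rel).parent.mkdir(parents=True)
            Path(root, rel).write_bytes(image)
        return {p: classify(root, p) for p in ("/bin/sh", "/usr/sbin/sendmail", "/usr/bin/php")}
```

The loader lookup follows symlinks on the host, so an absolute symlink inside the jail can make a loader look present when it would not resolve after `chroot`.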