Print
-
Tuesday 26th July 2016 17:10
-
1. suPHP will enforce the running of php scripts under the account
name within which they run (the same as suexec does for CGI scripts).
This means that any exploit files in /tmp, etc, will be owned by the
account that has been compromised and makes it easier to track.
2. It will enforce strict permissions on directories and files (they
must not have world execute/write enabled on them). This can temporarily
break existing scripts until you fix the directory and file
permissions. (You normally need to change permissions from 777 to 755 to
fix this.)
3. Any local PHP variables in .htaccess files have to be removed and added to a local php.ini file instead.
So, it can cause problems in some cases, but there are significant security benefits.
Related Articles
Self-Hosted Help Desk Software by
SupportPal