...
Save the file and browser to file using a browser. You can use either the IP Address or the valid Domain Name. For example, http://173.194.75.94/info.php or http://www.krypton.com/info.php which should show a purple and grey PHP informational screen.
Secure the Server
suPHP, LiteSpeed Web ServerThe security posture is from an administrative perspective and not for self-serve and shared hosting.
| Panel |
|---|
Determine if this actually increases security - http://www.suphp.org/Home.html. It seems to suPHP and LiteSpeed make the most sense for shared hosting. This article indicates that suphp is slow as it makes php run as a cgi. Instead it recommends restrictions using mod_php - http://serverfault.com/questions/279938/should-i-use-suphp-or-mod-php-for-shared-hosting. Along this thread another poster recommends, http://mpm-itk.sesse.net/ which allows vhosts to be run under different uid and gid. This restricts the php process to specific directories - http://help.godaddy.com/article/1616 |
Restrict the Execution of PHP to a Specific Folder
Edit, vi /etc/php5/apache2/php.ini to only allow execution of php scripts in the /home directory.
| Code Block |
|---|
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; http://php.net/open-basedir
open_basedir = /home |
This helps minimizes the amount of damage that can be done in the event that the system is compromised to the specified directory.
Install MySQL
| Code Block | ||
|---|---|---|
| ||
sudo apt-get install mysql-server |
...