Comment: Information Security additions.

...

Edit /etc/php5/apache2/php.ini (vi /etc/php5/apache2/php.ini) to only allow execution of PHP scripts in specific directories.

Code Block
; open_basedir, if set, limits all file operations to the defined directory
; and below.  This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; http://php.net/open-basedir
open_basedir = /home/www.krypton.com/www/blog/:/home/www.earth.com/www/blog/

This helps limit the damage to the specified directories in the event that the system is compromised.

Restart Apache for the changes to take effect:

Code Block
sudo service apache2 restart

You will now find that PHP scripts will only run in the designated directories specified in php.ini.

Install MySQL

Code Block
sudo apt-get install mysql-server 

...

Code Block
cd /home/www.krypton.com/www/
sudo chown -R www-data:wgkrypton ./blog/
sudo chmod -R o-rwx ./blog/ # No users except www-data and those belonging to the group wgkrypton will be granted access.
sudo chmod -R u-w ./blog/
sudo chmod -R g+w ./blog/   # Any user belonging to the wgkrypton group can manage the site
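
To confirm that the tree ended up in that state, and to catch later drift, the following added example (not part of the original page) lists every entry that breaks the ownership and mode scheme set above. The function names list_violations and count_violations are hypothetical; the owner and group are passed as arguments.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): audit a web root against the
# ownership and mode scheme set by the chown/chmod commands above.

# list_violations DIR OWNER GROUP
# Prints every entry under DIR that breaks one of these rules:
#   - owned by OWNER:GROUP             (chown -R OWNER:GROUP)
#   - owner has no write bit           (chmod -R u-w)
#   - group has the write bit          (chmod -R g+w)
#   - "other" has no r, w or x bit     (chmod -R o-rwx)
# Symlinks are skipped: their own mode bits are not enforced on Linux.
list_violations() {
    find "$1" ! -type l \( \
        ! -user "$2" -o ! -group "$3" \
        -o -perm -0200 -o ! -perm -0020 \
        -o -perm -0004 -o -perm -0002 -o -perm -0001 \
    \) -print
}

# count_violations DIR OWNER GROUP -> number of offending entries
count_violations() {
    list_violations "$@" | wc -l | tr -d ' '
}

# Stand-alone use: ./audit.sh /home/www.krypton.com/www/blog www-data wgkrypton
if [ "$#" -eq 3 ]; then
    list_violations "$1" "$2" "$3"
fi
```

Run it with sudo so that find can read the whole tree; an empty result means every file and directory matches the scheme.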

...