( ! ) Warning: Creating default object from empty value in /var/www/clients/client1/web1/web/modules/Forums/common.php on line 421
Call Stack
#TimeMemoryFunctionLocation
10.0001358512{main}( ).../modules.php:0
20.0149369456include( '/var/www/clients/client1/web1/web/index.php ).../modules.php:4
30.0641676080include( '/var/www/clients/client1/web1/web/modules/PHP_Manual/index.php ).../index.php:179
40.0650676992include( '/var/www/clients/client1/web1/web/header.php ).../index.php:157
50.0650693592head( ).../header.php:112
60.0650694176online( ).../header.php:39
70.0650694176my_online( ).../mainfile.php:720
80.0650697352include( '/var/www/clients/client1/web1/web/modules/Forums/common.php ).../custom_mainfile.php:1151
Omega13a's Corner - PHP Manual - Security - Apache
Omega13a's Corner
Contribute To This Site
Submit a Download
Submit a Link
Submit A Review for Omega13a's Corner

This Website Is Best Viewed In Mozilla Firefox 0.9+
You Are Currently Using
  Login or Register
::  Home   ::  Your Account   ::  Forums   ::  UFT Encyclopedia   ::  UFT Writer  ::
2020.81
Omega13a's Wish List
My Amazon.com Wish List
 
Affiliates
Supported by

[ Be A Supporter ]
[ NukeSupporters( tm) ]
 
Navigation
· Hom e
· Rep ort An Error

Omega13a's Corner

· Ome ga13a's Corner Index
· Ana grams
· Ana grams
· Aut ograms
· Aut ograms
· Bum per Stickers
· Bum per Stickers
· Cow Analogies
· Cow Analogies
· Cru el Baby Names
· Cru el Baby Names
· DHT ML Tricks
· DHT ML Tricks
· Dum b Criminals
· Dum b Criminals
· Dum b Headlines
· Dum b Headlines
· Dum b Laws
· Dum b Laws
· Dum b Questions
· Dum b Questions
· Dum b Quotes
· Dum b Quotes
· Dum b Signs
· Dum b Signs
· Dum b Warning Labels
· Dum b Warning Labels
· Eye witness Reports
· Eye witness Reports
· Fea rs
· Fea rs
· Gam es
· Gam es
· Goo gle Searches
· Goo gle Searches
· Gra phing Calculator
· Gra phing Calculator
· Hor oscope
· Hor oscope
· hta ccess Tutorials
· hta ccess Tutorials
· HTM L Manual
· HTM L Manual
· IP Lookup
· IP Lookup
· Jok es
· Jok es
· Mis c Funny Stuff
· Mis c Funny Stuff
· Odd Books
· Odd Books
· Odd Place Names
· Odd Place Names
· Odd Product Names
· Odd Product Names
· Our Solar System
· Our Solar System
· Pal indromes
· Pal indromes
· Pan grams
· Pan grams
· PEA R Manual
· PEA R Manual
· PHP Manual
· PHP Manual
· PHP Nuke Tools
· PHP Nuke Tools
· Poi ntless Quizzes
· Poi ntless Quizzes
· Pri me Numbers
· Pri me Numbers
· Ran dom Quotes
· Ran dom Quotes
· Ran t
· Ran t
· Rev iews
· Rev iews
· Rhy ming Pairs
· Rhy ming Pairs
· Sci -Fi/Fantasy Encyclopedia
· Sci -Fi/Fantasy Encyclopedia
· Wea ther
· Wea ther
· Wei rd Ads
· Wei rd Ads
· Wei rd Wide Web
· Wei rd Wide Web
· Zen Sarcasms
· Zen Sarcasms

Star Trek

·&nbs pBorg Species Designations
· Bor g Species Designations
· FAQ
· FAQ
· Sev Trek
· Sev Trek
· Sta r Trek Alien Sayings
· Sta r Trek Alien Sayings
· Sta r Trek Eggs
· Sta r Trek Eggs
· Sta r Trek Encyclopedia
· Sta r Trek Encyclopedia
· Sta r Trek Episode Guides
· Sta r Trek Episode Guides
· Sta r Trek Goofs
· Sta r Trek Goofs
· Sta r Trek Mysteries
· Sta r Trek Mysteries
· Sta r Trek Reviews
· Sta r Trek Reviews
· Sta r Trek Timeline
· Sta r Trek Timeline
· Tre k Today Headlines
· Tre k Today Headlines
· Wor lds in Star Trek
· Wor lds in Star Trek

Community

· Cha t Bot
· Cha t Bot
· Cha t Room
· Cha t Room
· Fee dback
· Fee dback
· For ums
· For ums
· Gue stbook
· Gue stbook
· Joi n a Webring
· Joi n a Webring
· Joi n the Staff
· Joi n the Staff
· Mem bers List
· Mem bers List
· Pri vate Messages
· Pri vate Messages
· Rec ommend Us
· Rec ommend Us
· Rul es/Terms of Use
· Rul es/Terms of Use
· Sur veys
· Sur veys
· Use r Journals
· Use r Journals
· Vot e For Us
· Vot e For Us
· Win An Award
· Win An Award
· You r Account
· You r Account

Media/Arts

· Dow nloads
· Dow nloads
· Fan Fictions
· Fan Fictions
· Han gman
· Han gman
· Ima ge Gallery
· Ima ge Gallery
· Tec hnobable Generator
· Tec hnobable Generator

Staff Personal Sections

· Lad y Lursa's Reading Corner

Links and Webrings

· Ban ner Exchanges
· Ban ner Exchanges
· Joi n Banner Exchange
· Joi n Banner Exchange
· Lin king To Us
· Lin king To Us
· Top sites
· Top sites
· Web Links
· Web Links
· Web rings
· Web rings

Site Info

· Abo ut the Owner
· Abo ut the Site
· Abo ut the Site
· Abo ut UFT_PHP
· Abo ut UFT_PHP
· Abo ut You
· Awa rds
· Awa rds
· Ban ned Stuff
· Ban ned Stuff
· Cop yright
· Cop yright
· Leg al Information
· Leg al Information
· Mod ifications Installed
· Mod ifications Installed
· Sea rch Results
· Sea rch Results
 
UFT Community

Omega13a's Corner Forums

 
Vote For Us
 
Ads


Installed as an Apache module

Chapter 25. Installed as an Apache module

When PHP is used as an Apache module it inherits Apache's user permissions (typically those of the "nobody" user). This has several impacts on security and authorization. For example, if you are using PHP to access a database, unless that database has built_in access control, you will have to make the database accessible to the "nobody" user. This means a malicious script could access and modify the database, even without a username and password. It's entirely possible that a web spider could stumble across a database administrator's web page, and drop all of your databases. You can protect against this with Apache authorization, or you can design your own access model using LDAP, .htaccess files, etc. and include that code as part of your PHP scripts.

Often, once security is established to the point where the PHP user (in this case, the apache user) has very little risk attached to it, it is discovered that PHP is now prevented from writing any files to user directories. Or perhaps it has been prevented from accessing or changing databases. It has equally been secured from writing good and bad files, or entering good and bad database transactions.

A frequent security mistake made at this point is to allow apache root permissions, or to escalate apache's abilities in some other way.

Escalating the Apache user's permissions to root is extremely dangerous and may compromise the entire system, so sudo'ing, chroot'ing, or otherwise running as root should not be considered by those who are not security professionals.

There are some simpler solutions. By using open_basedir you can control and restrict what directories are allowed to be used for PHP. You can also set up apache_only areas, to restrict all web based activity to non_user, or non_system, files.


Total Hits: 0

Powered by PHPNukePage Protected By Copyscape. Do Not CopyNukeSentinel ProtectedPowered by PEARPowered by PECL

© 2000, 2001, 2002 Trek Archive, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 United Federation of Trek.
Omega's Corner is © 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 omega13a.
Star Trek®, Star Trek: The Next Generation®, Star Trek: Deep Space Nine®, Star Trek: Voyager®, Enterprise®, and Star Trek: Enterprise® are registered trademarks of Paramount Pictures and Viacom. All Star Trek material found on this site is for promotional purposes only, and not personal or financial gain. No infringements on their copyrights is intended.
All logos and trademarks in this site are property of their respective owners. The comments are property of their posters.


ROR Sitemap Google Sitemap

PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.0622 Seconds
Server Load: 1.96
Queries: 24 (0.0083 seconds)
Included 92 files
242 classes defined
46 interfaces defined
0 classes loaded using __autoload()
2,724 functions defined
4,460 constants defined

:: subBlack phpbb2 style by spectre :: PHP-Nuke theme by www.nukemods.com ::

This Website Is Best Viewed In Mozilla Firefox 0.9+
You Are Currently Using

UFT's Webring of Sci-Fi and Fantasy
UFT's Webring of Sci-Fi and Fantasy
Previous site : Random : Next site : List sites
Powered by PHP-Ring
Psychology News
Scitrek webring
Scitrek webring
Previous site : Random : Next site : List sites
Powered by .PHP-Ring
Psychology News
robots.txt
Contributors Contact Us