I currently run suPHP and have just installed php5-suhosin. Can I run them both together and if so where do I configure suhosin? As usually it is in the php5 ini file but suphp doesnt use that i dont think.
Asked
Active
Viewed 594 times
2 Answers
2
Yes you can use suhosin with suPHP. I think by default the configuration is in /etc/php5/cgi/conf.d/suhosin.ini (at least it is in debian 6).
When PHP is run by suPHP, it still try to read its configuration from the default location(s), unless you have set the "suPHP_ConfigPath" option, which overrides the default. In that case suPHP_ConfigPath points to the directory containing the php.ini file.
If unsure, create a test PHP file with a simple "phpinfo()" instruction and check what is the listed "Configuration File (php.ini) Path". That is the place where the php.ini used by suPHP is located and where you can add your own suhosin options.
Hope this helps.
Regards, MValdez.
MV.
- 766
- 7
- 11
0
If you are using Apache and virtual hosts, you can also try apache2-mpm-itk:
mpm-itk allows you to run each of your vhost under a separate uid and gid — in short, the scripts and configuration files for one vhost no longer have to be readable for all the other vhosts
Tader
- 141
- 1
- 6
-
So this replaces suphp? Also is this related to /usr/lib/apache2/mpm-prefork/apache2 ? – h00j May 23 '12 at 09:47
-
Yes, it replaces suPHP, i.e., this runs the apache worker process as the specified user, so your PHP script will run as the same user. (In my setup it works with Suhosin v0.9.32.1.) – Tader May 23 '12 at 09:49
-
And yes, this replaces mpm-prefork -- it manages a pool of apache processes, only now running as different users. – Tader May 23 '12 at 09:53