Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander Bobrov2015-06-05 15:00:09
PHP
Alexander Bobrov, 2015-06-05 15:00:09

Why run each host as a separate user?

Good afternoon.
You need to set up a VPS for the studio. I'm just learning Linux, so there were difficulties - I can't choose how to organize the distribution by rights and users.
At first I thought, for greater security, create a user for each site and use apache mpm-itk so that each site works in isolation from the others.
That is, so that from one site there is no access to others. But then I thought, if through the php directive open_basedir to forbid the script to rise above its site, then what could be the danger of using the standard apache user everywhere?
I will also disable dangerous php functions like system , execetc. Perl, Python, FTP, mail and panels are not planned for this server. Question: does mpm-itk
and different users give me something in my case? PS Most of the studio's sites are on their own CMS, but there are also common free ones, there are even old ones, I'm afraid that somewhere there may be some vulnerabilities in PHP. The main thing for me is that one hacked site does not damage others and the system.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
O
OnYourLips, 2015-06-05
@OnYourLips

You need to set up a VPS for the studio. I'm just learning Linux, so there were difficulties - I can't choose how to organize the distribution by rights and users.

For each project - a separate VDS.

Report
A
Alexander Kubintsev, 2015-06-05
@akubintsev

I would try to file all this through docker. The php-fpm service would then enter the containers, and the site files would accordingly be mounted in them.

Report
S
Sanes, 2015-06-05
@Sanes

There is also ruid2, php-fpm. Choose what suits you best. Better yet, ask the administrator to set up the server. The cost will be inexpensive. They'll do it for you in just a couple of hours.
At one time, when he worked as an admin in the studio, by that time Nasalnik had created more than 200 Joomla sites using add-ons and templates and file dumps. This was more scary. Constantly sites from the index took off due to viruses on the site.

Similar questions
A
Artem Melnykov2019-09-11 09:24:58
What to do if android sdk is not installed? 2Reply
A
Andrei1penguin12021-04-01 00:37:45
Why don't losses decrease? 3Reply
D
Dmitry2019-09-20 14:21:34
Does not download files from utorrent, openwrt firmware? 1Reply
I
ibr_982017-04-24 19:18:51
Why doesn't "MouseEnter" work in visual c#? 2Reply
M
Mylistryx2019-09-30 11:36:00
How to properly implement CRUD when working with DDD and Yii2? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question