Just another question: Do I need PHP-Suhosin if I have mod_security already installed on my dedicated server? And what is the difference between Apache-Suexec and suphp or php-suexec, make sense to have both installed and in use? Because I have some strange problems with my website, sometimes my site is unreachable for me but if I disconnect and re-connect(change IP) the site is on. There is no server load issues or etc. I had been banned but I dont know who banned me, if mod_sec or apf or suhosin or any other tool.
uEXEC is an Apache module let users to run CGI/SSI programs under user IDs. It is good to track logs to find security problems.
Suhosin is a good guard for php to protect your website or webserver against attacks like sql-injection or remote-file-injection etc.
ModSecurity™ is a firewall-like apache module which protects your webserver against known and some unknown attacks like brute-force data-inclusion etc
suphp or phpsuexec is similar to suexec, let scripts run with user rights also not as nobody. Good to monitor user actions on a webhosting to find spammers etc... Attention!: do not forget to configure your httpd.conf to add suPHP_AddHandler directive, otherwise your php scripts wont work.
www.suphp.org
http://httpd.apache.org/docs/2.0/suexec.html
www.hardened-php.net/suhosin
www.modsecurity.org
* reply
My Blog List
-
What Is Alma Linux? A Free and Open-Source Enterprise Grade OS - The release of AlmaLinux created quite a buzz in the Linux community back in February of 2021. The distro is a forever-free alternative to Red Hat Enterp...8 hours ago
-
How to configure AWS SES with Postfix MTA on Debian Linux - [image: See all Amazon AWS web services related articles/faq] AWS SES (Amazon Simple Email Service) is a cloud-based email-sending service that is both rel...5 days ago
-
PaloAlto init-cfg.txt Bootstrap Config file Layout with Examples - When you install and configure the PaloAlto firewall, when the firewall boots up for the first time, it does the bootstrapping process. PaloAlto uses the s...1 year ago
-
Clusterssh – Administer multiple ssh or rsh shells simultaneously - Sponsored Link The command opens an administration console and an xterm to all specified hosts. Any text typed into the administration console is replicate...3 years ago
-
Web Application Vulnerability Scanning Tools - Web Application Vulnerability Scanning Tools Nessus http://www.tenable.com/products/nessus PortSwigger https://portswigger.net/ qualys https://www.qualys....5 years ago
-
What You Don’t Know About Linux Open Source Could Be Costing to More Than You Think - Guest post by Marc Fisher If you would like to test out Linux before completely switching it as your everyday driver, there are a number of means by which ...6 years ago
-
Resolving Sysprep problems with App-X packages (Part 1) - This is the first of two articles explaining how to fix systems that won't Sysprep if Windows Native/App-X applications have been removed and Windows patches.6 years ago
-
V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...6 years ago
-
10 UNIX / Linuz Size Command Examples for ObjectFiles - Linux size is part of GNU binutils. This utility is very helpful for programmers to analyze the data from the executable files (or object files). By defaul...9 years ago
-
Updating VMware Tools on Red Hat Enterprise/Scientific/CentOS Linux 6 for VMware ESXi 5 - In a previous post I discussed installing the open source VMware tools for Red Hat Enterprise/Scientific/CentOS Linux 6 from a yum package repository provi...12 years ago
