Recently, I’ve had to customize some Apache configuration options on one of my servers running Plesk. I needed to modify PHP’s open_basedir parameter among other things, and it was a little tricky to figure out how to do it properly. Once I figured it out, I thought I’d share. FYI, I’m running Plesk 10.4. Plesk […]
Apache HTTPd
Multiple Directories w/ PHP open_basedir
I’ve been using PHP’s open_basedir function since I first setup my server, several years ago. It’s a really useful function for securing your servers, although it isn’t perfect. For years, I’ve had problems with the temporary directory not being accessible. Of course, it was a simple fix to use php_admin_value open_basedir /var/www/vhosts/saebermedia.com php_admin_value upload_tmp_dir /var/www/vhosts/saebermedia.com/.tmp […]
LAMP Server Setup Pt. 3
Configuring Apache HTTP Server to run in a chroot jail using mod_chroot is easier that doing it manually, but it still isn’t the simplest process in the world. As of Apache 2.2.10, Apache includes mod_chroot functionality, and to enable it, you only need to set ChrootDir /chroot/httpd and you’re done. Well not quite, you still […]
LAMP Server Setup Pt. 2
Mod_Security is a great module for Apache 2 which adds many new security features and fixes a number of exploits. It’s also quite easy to install. Installation Requirements ModSecurity 2.x works only with Apache 2.0.x or higher. Version 2.2.x is highly recommended Make sure you have mod_unique_id installed mod_unique_id is packaged with Apache httpd libapr […]
LAMP Server Setup Pt. 1
I’ve decided to write a “simple” guide to installing Apache with mod_security, mod_chroot and mod_ssl, PHP with suhosin and common addons, and MySQL. The common LAMP server with a few security modifications 🙂 This will be unique in that we are installing everything in the /opt directory, mainly to make updating/removing super easy. No trying […]
PHP Apache Web Stats Analyzer
I’ve been working on a PHP based web analytic tool designed to import web stats from Apache’s custom log format. Since I’ll be making it open source anyway, I thought I might share with you the log parser part of the program. I haven’t done any extensive testing, but here you go. Click Me! The […]