about your fully managed service

Hello,

So if I sign up for a VPS Knownhost account, I can ask all the newbie questions that I want to the support team ? :) (not so newbie, this one was about security).
For keeping performance, what do you thing about running PHP as an Apache module and copying an .htaccess file in all the directory having the 777 permission with that content :
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI

So if there were bad files uploaded in these directories, they shoudn't be runned.

Sorry for my bad English.
 
PHP running as Apache module will always run faster than through SuPHP. In your case something like following might work better:

Code:
<FilesMatch "\.(.*)$">
        Deny from all
</FilesMatch>
 
PHP running as Apache module will always run faster than through SuPHP. In your case something like following might work better:

Code:
<FilesMatch "\.(.*)$">
        Deny from all
</FilesMatch>

Yes, but with this htaccess, php can't handle and process the files (e.g. images) uploaded in a directory by a legitimate user. With the htaccess example that I gave you, php can still process the directory files but it cannot process a php file uploaded by a stupid hacker in that directory. As you can see, it works as well with .php .pl .py .jsp .asp .htm .shtml .sh .cgi files.

But I really wonder if it's enough, as you can see I'd like to avoid SuPHP but still have a secured website. I will soon write a cleaner script ran by crond which will check all the 777 directories and will delete all the .php .pl .py .jsp .asp .htm .shtml .sh .cgi files. Do you see a flaw somewhere? Anyway security on the internet is a big problem.
 
Yes, but with this htaccess, php can't handle and process the files (e.g. images) uploaded in a directory by a legitimate user. With the htaccess example that I gave you, php can still process the directory files but it cannot process a php file uploaded by a stupid hacker in that directory. As you can see, it works as well with .php .pl .py .jsp .asp .htm .shtml .sh .cgi files.

I'm a bit lost with this description. Can you provide more information about what you're trying to do?
 
could you please explain how security works on a semi-managed VPS. Who is responsible for maintaining a firewall, etc? Thank you.
 
We are Fully Managed as long as cPanel, Plesk, or Directadmin is selected while ordering. We detail our Managed Service here, http://knownhost.com/support-coverage.html We will install CSF or APF upon request and if needed assist with configuration changes if needed. We have many clients who ask us to install it and make changes when needed so this isn't a problem.

Thanks,
Joel
 
Top