about your fully managed service

Discussion in 'Pre-Sales Questions' started by Unregistered, Sep 25, 2009.

  1. Unregistered

    Unregistered Guest

  2. KH-Joel

    KH-Joel KH Sales Staff Member

    Hello,

    Yes, just let our Support team know and we'd be happy to assist you.

    Thanks,
    Joel
     
  3. Unregistered

    Unregistered Guest

    Hello,

    So if I sign up for a VPS Knownhost account, I can ask all the newbie questions that I want to the support team ? :) (not so newbie, this one was about security).
    For keeping performance, what do you thing about running PHP as an Apache module and copying an .htaccess file in all the directory having the 777 permission with that content :
    AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
    Options -ExecCGI

    So if there were bad files uploaded in these directories, they shoudn't be runned.

    Sorry for my bad English.
     
  4. KH-Paul

    KH-Paul CTO Staff Member

    PHP running as Apache module will always run faster than through SuPHP. In your case something like following might work better:

    Code:
    <FilesMatch "\.(.*)$">
            Deny from all
    </FilesMatch>
    
     
  5. Unregistered

    Unregistered Guest

    Yes, but with this htaccess, php can't handle and process the files (e.g. images) uploaded in a directory by a legitimate user. With the htaccess example that I gave you, php can still process the directory files but it cannot process a php file uploaded by a stupid hacker in that directory. As you can see, it works as well with .php .pl .py .jsp .asp .htm .shtml .sh .cgi files.

    But I really wonder if it's enough, as you can see I'd like to avoid SuPHP but still have a secured website. I will soon write a cleaner script ran by crond which will check all the 777 directories and will delete all the .php .pl .py .jsp .asp .htm .shtml .sh .cgi files. Do you see a flaw somewhere? Anyway security on the internet is a big problem.
     
  6. KH-Paul

    KH-Paul CTO Staff Member

    I'm a bit lost with this description. Can you provide more information about what you're trying to do?
     
  7. cizsoalo73

    cizsoalo73 Guest

    could you please explain how security works on a semi-managed VPS. Who is responsible for maintaining a firewall, etc? Thank you.
     
  8. KH-Joel

    KH-Joel KH Sales Staff Member

    We are Fully Managed as long as cPanel, Plesk, or Directadmin is selected while ordering. We detail our Managed Service here, http://knownhost.com/support-coverage.html We will install CSF or APF upon request and if needed assist with configuration changes if needed. We have many clients who ask us to install it and make changes when needed so this isn't a problem.

    Thanks,
    Joel
     

Share This Page