PHP is installed as a CGI within each user account rather than the more
common approach of using a module in the web server. This provides significant
security benefits; an exploit in php code on another users account will not be
able to affect your site as all code executes with only user level privileges.
Operating PHP as a module presents a significant security risk not only
through exploits. Since the code is executed by the Apache user, the Apache
system user must have access to every users code, any user with an account on a
shared server can easily produce a script which is executed by the Apache user
to provide them with access to other users databases and code.
The use of a CGI deployment allows the flexibility of operating
a number of different PHP versions on the one server. Anchor offers a number
of vendor supported versions. If your requirements are not met by these you are
able to install your own custom compiled version within your account, without
any assistance from Anchor.
PHP configuration can be customised on a per account basis via the use of
individual php.ini files on all accounts.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment