根据他们的PHP“安全性”选择主机。措施 [英] Choosing a host based on their PHP "security" measures
问题描述
Upfront disclaimer - 我是一个相对新手,刚开始学习关于PHP的
,主要是通过研究,安装和玩不同的
脚本。我正在寻找一个能够提供合适环境的主机
- 运行各种各样的PHP应用程序。我意识到
安全性也很重要,但是现在灵活性对于我来说更重要。
请注意我'我不是**寻找人们推荐托管公司,
我已经有一个很好的候选名单。我正在寻找帮助,根据服务器环境的配置选择
。
我非常感谢你指出我的位置问题显示
我的无知;如果可能的话,请帮我解决问题并解释我出错的地方。
这是我对这些问题的理解到目前为止(假设Linux / Apache) :
运行mod_php的限制性更小,因此更灵活,比运行CGI更快
。
更重要的是,我被告知mod_rewrite需要php运行
作为模块,因此在运行CGI的主机上,我无法获得永久链接,相当于
URL等这是真的吗?
如果是这样,那么我肯定想要一个运行php作为模块的主机,即使是
777/666权限的不安全性。
我还应该问潜在的托管服务我能否在自定义.htaccess文件中放置
php配置指令(而不是自定义
php.ini文件,对吗?)
如果是这种情况,我认为它与PHP相关的是什么
服务器'' AllowOverride设置为?
我也明白我应该避免在
安全模式下选择运行php的主机。
提前致谢你花时间阅读这篇文章,尤其是那些愿意澄清这些问题的人。
On Sun,2007年4月1日13:24:33 +0200(CEST),hansBKK
< aw *************** @ spamgourmet。编译:
>更重要的是,我被告知mod_rewrite需要php运行
作为模块,所以在运行CGI的主机上,我不能获得固定链接,相当的网址等。这是真的吗?
我不这么认为;许多mod_rewrite示例明确使用CGI脚本
作为目标。
然而,几乎相反的事情可能也是如此 - 用PHP作为CGI你_require_
mod_rewrite获取漂亮的URL。在模块模式下,有一些方法可以实现它
没有mod_rewrite,使用AcceptPathInfo和可能的内容协商。我不认为AcceptPathInfo可以正常使用CGI。
因此,如果mod_rewrite可用,那么任何一种模式都可以。
>如果是这样,那么我肯定想要一个运行php作为模块的主机,即使对于777/666权限的不安全性也是如此。
我还应该问潜在的托管服务我是否有能力将
php配置指令放在自定义的.htaccess文件中(而不是自定义的
php.ini文件,对吗?)
是的。
>如果是这种情况,我认为它与PHP的相关性是什么
服务器的AllowOverride被设置为?
是的,我相信你至少需要AllowOverride选项。
>我也理解我应该避免在安全模式下选择运行php的主机。
请注意,有度安全模式,一旦安全模式打开,
功能可以被选择性地限制 - 启用了许多
限制的安全模式主机可能很难处理,取决于你实际需要的功能
。
-
Andy Hassall :: 一个** @ andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space ::磁盘和FTP使用情况分析工具
hansBKK写道:
< blockquote class =post_quotes>
更重要的是,我被告知mod_rewrite需要php运行
作为模块,因此在运行CGI的主机上,我无法获得固定链接,相当漂亮
网址等。这是真的吗?
不,那是垃圾。你今天(4月1日)告诉过这个吗?
-
Toby A Inkster BSc(荣誉)ARCS
与我联系〜 http://tobyinkster.co.uk/contact
Geek of~HTML / SQL / Perl / PHP / Python * / Apache / Linux
* =我到了那里!
hansBKK写道:
Upfront disclaimer - 我是一个相对新手,刚刚开始学习关于PHP的
,主要来自研究,安装和播放不同的
脚本。我正在寻找一个能够提供合适环境的主机
- 运行各种各样的PHP应用程序。我意识到
安全性也很重要,但是现在灵活性对于我来说更重要。
请注意我'我不是**寻找人们推荐托管公司,
我已经有一个很好的候选名单。我正在寻找帮助,根据服务器环境的配置选择
。
我非常感谢你指出我的位置问题显示
我的无知;如果可能的话,请帮我解决问题并解释我出错的地方。
这是我对这些问题的理解到目前为止(假设Linux / Apache):
运行mod_php的限制性更小,因此更灵活,比运行CGI更快
。
更重要的是,我被告知mod_rewrite需要php运行
作为模块,所以在运行CGI的主机上,我无法获得永久链接,相当于
URL等。这是真的吗?
如果是这样,那么我肯定想要一个运行php作为模块的主机,即使是
777的不安全性/ 666权限。
我还应该问潜在的托管服务我能否在自定义.htaccess文件中放置
php配置指令(而不是自定义
php.ini文件,对吗?)
如果是这种情况,我认为它与PHP的相关性是什么
服务器的AllowOverride设置为?
我也明白我应该避免在
安全模式下选择运行php的主机。
提前致谢因为你花时间阅读这篇文章,尤其是那些愿意澄清这些问题的人。
除了像safe_mode之类的东西, openbasedir限制,
Upfront disclaimer - I am a relative newbie, just starting out learning
about PHP, mostly by researching, installing and playing with different
scripts. I am looking for a host that will provide the right environment
for this - running a wide variety of PHP applications. I realise that
security is also important, but for now flexibility is more important to
me.
Note that I''m **not** looking for people to recommend hosting companies,
I have a good shortlist already. I''m looking for help in choosing
between these, based on the configuration of their server environment.
I would greatly appreciate your pointing out where my questions reveal
my ignorance; if possible, help me fix up the questions and explain
where I''ve gone wrong.
Here is my understanding of these issues so far (assuming Linux/Apache):
Running mod_php is less restrictive and therefore more flexible, and
faster than running as CGI.
More importantly, I''ve been told that mod_rewrite REQUIRES php running
as a module, so on a host running CGI, I CANNOT get permalinks, pretty
URLs, etc. Is this true?
If so, then I definitely want a host running php as a module, even with
the insecurity of 777/666 permissions.
I should also ask the potential hosting services about my ability to put
php configuration directives in custom .htaccess files (and not custom
php.ini files, correct?)
If this is the case, I assuem it becomes relevant to PHP what the
server''s AllowOverride is set to?
I also understand that I should avoid choosing a host running php in
safe mode.
Thanks in advance for your taking the time to read this, and especially
to those who are willing to clarify these issues.
On Sun, 1 Apr 2007 13:24:33 +0200 (CEST), hansBKK
<aw***************@spamgourmet.comwrote:
>More importantly, I''ve been told that mod_rewrite REQUIRES php running
as a module, so on a host running CGI, I CANNOT get permalinks, pretty
URLs, etc. Is this true?I don''t think so; many of the mod_rewrite examples explicitly use a CGI script
as the target.
However, something almost opposite may be true - with PHP as CGI you _require_
mod_rewrite to get pretty URLs. In module mode there are ways to implement it
without mod_rewrite, using AcceptPathInfo and possibly content negotiation. I
don''t think AcceptPathInfo works correctly with CGI.
So if mod_rewrite is available, then either mode is fine.
>If so, then I definitely want a host running php as a module, even with
the insecurity of 777/666 permissions.
I should also ask the potential hosting services about my ability to put
php configuration directives in custom .htaccess files (and not custom
php.ini files, correct?)Yes.
>If this is the case, I assuem it becomes relevant to PHP what the
server''s AllowOverride is set to?Yes, I believe you need at least AllowOverride Options.
>I also understand that I should avoid choosing a host running php in
safe mode.Note that there are "degrees" of safe mode, in that once safe mode is on,
functions can then be selectively restricted - a safe mode host with many
restrictions enabled could be awkward to work on, depending on what features
you actually need.
--
Andy Hassall :: an**@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
hansBKK wrote:
More importantly, I''ve been told that mod_rewrite REQUIRES php running
as a module, so on a host running CGI, I CANNOT get permalinks, pretty
URLs, etc. Is this true?No, that''s rubbish. Were you told this today (1 Apr)?
--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
Geek of ~ HTML/SQL/Perl/PHP/Python*/Apache/Linux
* = I''m getting there!
hansBKK wrote:Upfront disclaimer - I am a relative newbie, just starting out learning
about PHP, mostly by researching, installing and playing with different
scripts. I am looking for a host that will provide the right environment
for this - running a wide variety of PHP applications. I realise that
security is also important, but for now flexibility is more important to
me.
Note that I''m **not** looking for people to recommend hosting companies,
I have a good shortlist already. I''m looking for help in choosing
between these, based on the configuration of their server environment.
I would greatly appreciate your pointing out where my questions reveal
my ignorance; if possible, help me fix up the questions and explain
where I''ve gone wrong.
Here is my understanding of these issues so far (assuming Linux/Apache):
Running mod_php is less restrictive and therefore more flexible, and
faster than running as CGI.
More importantly, I''ve been told that mod_rewrite REQUIRES php running
as a module, so on a host running CGI, I CANNOT get permalinks, pretty
URLs, etc. Is this true?
If so, then I definitely want a host running php as a module, even with
the insecurity of 777/666 permissions.
I should also ask the potential hosting services about my ability to put
php configuration directives in custom .htaccess files (and not custom
php.ini files, correct?)
If this is the case, I assuem it becomes relevant to PHP what the
server''s AllowOverride is set to?
I also understand that I should avoid choosing a host running php in
safe mode.
Thanks in advance for your taking the time to read this, and especially
to those who are willing to clarify these issues.
Besides stuff like safe_mode, openbasedir restrictions,
这篇关于根据他们的PHP“安全性”选择主机。措施的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
