Mailinglist Archive: opensuse (929 mails)

< Previous Next >
Re: [opensuse] public_html security
On Mon, 2014-03-24 at 19:49 -0300, Cristian Rodríguez wrote:
El 24/03/14 19:31, lynn escribió:
On Mon, 2014-03-24 at 00:29 -0300, Cristian Rodríguez wrote:
El 23/03/14 23:26, Ted Byers escribió:

Do you know, off hand, whether or not WordPress would run properly (and
securely) if Apache was configured to execute all PHP code using FPM
instead of mod_php? (Or should I ask that on the WordPress forum?)

Any common application should work unmodified.

What is your take on Facebook's Hack with HHVM, as a putative
replacement for PHP FPM?

Have not looked at this yet.

OK, I've installed php fpm. Now, how do I tell apache to drop mod php5
and use fpm instead?

You have to first find a basic how to configure php-fpm,

This does it:

I lost apache and went with nginx. Not sure whether it can be done with
apache on 13.1. You also lose the mod_userdir. There's a regex hack.
Will report back if I get it going.

then you have
to disable mod_php using:

# a2dismod php5

After that you have enable mod_proxy and mod_proxy_fcgi:

# a2enmod proxy proxy_fcgi

Then let's assume that php scripts are stored in /srv/www/htdocs

add to the apache configuration

ProxyPassMatch ^/(.*\.php)$ fcgi://$1

This assumes that php-fpm is running and listening on localhost port 9000.

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >