We have a company server with a variety of websites. They are maintained by different people from within our company. All websites are public. The server access is limited to our company only. This is NOT a shared hosting environment.
We are looking into securing the server, currently analyzing the risk related to permissions of files. We feel the highest risk is when files are uploaded and then opened/executed by the public. This should not happen, but an error in a script might allow people to do so (there are image uploaders, file uploaders, etc). Uploader scripts use PHP.
So the question is: what is the best way of setting / organizing permissions of files and processes? There seem to be several options to run PHP (and Apache), and setting the permissions. What should we take into consideration? Any tips?
We are considering mod_php and FastCGI, but perhaps given our situation other solutions are preferred?
Best Answer
I would highly recommend running suPHP. Using suPHP, each website could be compartmentalized to its own username instead of running as the general Apache user. This would mean that if someone would happen to "Hack" into the server due to an insecure script on the server; they would be limited only to that site and not the whole server. The exception is that if there is a root exploit they could gain access to the whole server... but at least suPHP will help to security each individual site.
Once you have Apache/PHP on different users the read/write permissions of the files on the server become important. You could also utilize permissions more fully from an organizational standpoint, allowing users to update files on their website and not just any.