PHP-FPM/Nginx Security In Shared Hosting Environments (Debian/Ubuntu)

Posted by falko on Sep 25, 2011 4:18 PM EDT
HowtoForge; By Falko Timme
Mail this story
Print this story

If you want to use nginx and PHP-FPM for shared hosting environments, you should make up your mind about security. In Apache/PHP environments, you can use suExec and/or suPHP to make PHP execute under individual user accounts instead of a system user like www-data. There's no such thing for PHP-FPM, but fortunately PHP-FPM allows us to set up a "pool" for each web site that makes PHP scripts execute as the user/group defined in that pool. This gives you all the benefits of suPHP, and in addition to that you don't have any FTP or SCP transfer problems because PHP scripts don't need to be owned by a specific user/group to be executed as the user/group defined in the pool.

If you want to use nginx and PHP-FPM for shared hosting environments, you should make up your mind about security. In Apache/PHP environments, you can use suExec and/or suPHP to make PHP execute under individual user accounts instead of a system user like www-data. There's no such thing for PHP-FPM, but fortunately PHP-FPM allows us to set up a "pool" for each web site that makes PHP scripts execute as the user/group defined in that pool. This gives you all the benefits of suPHP, and in addition to that you don't have any FTP or SCP transfer problems because PHP scripts don't need to be owned by a specific user/group to be executed as the user/group defined in the pool.

http://www.howtoforge.com/php-fpm-nginx-security-in-shared-hosting-environments-debian-ubuntu

Full Story

  Nav
» Read more about: Story Type: Tutorial; Groups: Debian, Ubuntu

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.