Secure apache with php

Nicolas Letellier nicolas at
Thu Jul 9 10:22:20 UTC 2009

Le Thu, 9 Jul 2009 13:18:39 +0300,
"Reko Turja" <reko.turja at> a écrit :

> > I want to secure my Apache/PHP environment...
> Full suhosin, both patch and mod for the PHP. IIRC suhosin patch is 
> optional in PHP port and the mod can be installed via ports.
> (
> Apache environment and binaries set up in a jail.
> > Which Apache version do you advice?
> I reckon these days 2.2 would be the best in regards of future 
> upgrades and development.
> -Reko 
Thanks. I already use suhosin patch in mod_php.

I have few users on this machine, each use a separate directory
(/var/www/user). I do not want to make a jail for each one.

That's why mpm-itk seems to be good (instead of safe_mode /

Best regards,


More information about the freebsd-questions mailing list