[Webinar] Learn how to a build a cloud-first strategyRegister Now


Secure php on windows 2003 hosting server.

Posted on 2006-04-12
Medium Priority
Last Modified: 2010-04-11
I want to secure php on windows 2003 server. It come to my mind that someone can upload a file and use it to cross sites and defacing other website.
What is the best approch in to leting site owner to use php no that server but make sure that there will not bee a case of cross sitr defacing.
I want to be able to protect agains a hacking attempt
Question by:yalov
  • 2
LVL 51

Accepted Solution

ahoffmann earned 1000 total points
ID: 16435993

Author Comment

ID: 16436651
Well, Thanks but that did not help so much cause you gave me stuff dealing with scripting. I am looking for eplanation on how am I as a serverowner defance against that. How can I make my server more secure. How can I as a server administrator preavet this things from happening and not as a web site owner. you give me a stuff as if I am a web site owner ant that dose not help.
LVL 51

Expert Comment

ID: 16438129
> .. as a server administrator preavet this things from happening ..
you cannot
all parts --OS, file and process permissions, web server configuration (IIS), application server configuration (PHP), application (PHP-scripts)-- have to take care of each other,
securing the web server is just a second line of defence, securing the os the third line and so on ...
The main culprit is the PHP, I mean the programmers writing vulnerable php scripts.
As server administrator I'd configure php as restrictive as possible (probably also using a patched php, see http://www.hardened-php.net/ )


Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question