Alternatives to PHP Safe Mode SHARED HOSTING

snow4dayz
snow4dayz used Ask the Experts™
on
Hello guys need some alternatives to using PHP safe_mode in a shared environment.

To be clear:
The server is shared among a few hundred people for opensource projects.

I want to make sure that a user doesnt upload a script such as r57, thus far I have been using safe_mode to protect the server, safe_mode is gone as of php 6.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
PHP itself even with safe_mode enabled, is not secure, that's why patches like suhosin http://www.hardened-php.net exists.

Although, you can use disabled_functions feature to disable functions like exec and passthru. Also you can use apache mods like mod_security to filter user input to prevent sql injection and XSS vulnerabilities.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial