httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: [users@httpd] Killing apache(bugg?)
Date Mon, 20 Jan 2003 16:48:48 GMT

On Mon, 20 Jan 2003, Oskar 'Zoot' Lindgren wrote:

> Hello everyone(first post),
>
> Last night was I playing some with the killall command, and figure
> out that the apache server could easly be stopped by just writing
> a php or perl script. I think there has to be a way to prevent this
> since this isnĀ“t really a "bugg", has anyone got an idea how?
>
> Php script code: <?php system("killall -STOP apache"); ?>

Take a look at running php as a cgi and using suexec.

Other that, the only way to deal with malicious users is to give them each
their own apache (perhaps running on different ports).

The perchild mpm might help somewhat, but I think it is still not quite
production ready.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message