|
Home > Archive > IIS Server Security > February 2005 > Securing IIS against PHP
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Securing IIS against PHP
|
|
| Iman G.Mohammadi 2005-02-20, 6:18 pm |
| Hi,
I'm using a windows 2003 and IIS 6.0, I've installed php on the server, but
I'm not sure that it's secure. As this is a shared hosting server, I'm
afraid of hack attacks using PHP. Is there any way to secure IIS agains PHP
scripts?
Thanks
Iman
| |
| David Wang [Msft] 2005-02-20, 8:47 pm |
| You are asking about how to secure PHP, which from an IIS perspective is
just another web application. I suggest you contact PHP
support/newsgroup/forums on the correct way to secure php in general, and
then apply it to IIS. The IIS6 installation is secure, but what you have
done as an administrator afterwards -- that is now your responsibility.
This is the same logic as if you wrote a program that runs on Windows --
would you ask Microsoft how to secure configuration for your own program, or
would you determine that yourself?
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Iman G.Mohammadi" <info@netsups.com> wrote in message
news:%23UFDWnsFFHA.1260@TK2MSFTNGP12.phx.gbl...
Hi,
I'm using a windows 2003 and IIS 6.0, I've installed php on the server, but
I'm not sure that it's secure. As this is a shared hosting server, I'm
afraid of hack attacks using PHP. Is there any way to secure IIS agains PHP
scripts?
Thanks
Iman
|
|
|
|
|