Yii, Security and Shared hosting Precautions and best practices for Yii in a shared hosting environment
Posted 22 July 2010 - 04:17 PM
New here, new to Yii, and only know a little PHP, enough to get by though.
Are there any extra precautions I should take when using Yii in a shared hosting environment?
I'm also trying to find information shared hosting best practices with Yii, but haven't found
anything so far, can anyone point me in the right direction? Even general information you
think would be worth reading would be good.
The host we are currently using does not use chroot jails unfortunately, so would it be a
good idea to request suPHP? Eh, scratch that, I'm planning on doing it anyway as I do think
it's better than having scripts run as "nobody".
Posted 23 July 2010 - 01:38 AM
drwxr-xr-x 16 root root 624 4. Dez 2008 yii-1.0.0 drwxr-xr-x 16 root root 624 8. Jan 2009 yii-1.0.1 drwxr-xr-x 16 root root 624 29. Nov 2009 yii-1.0.10 drwxr-xr-x 16 root root 624 13. Dez 2009 yii-1.0.11 drwxr-xr-x 16 root root 624 27. Dez 2008 yii-1.0.2 drwxr-xr-x 16 root root 624 15. Apr 2009 yii-1.0.3 drwxr-xr-x 16 root root 624 11. Sep 2009 yii-1.0.8 drwxr-xr-x 16 root root 624 11. Okt 2009 yii-1.0.9 drwxr-xr-x 18 root root 696 16. Feb 12:41 yii-1.1.0 drwxr-xr-x 18 root root 696 16. Apr 15:34 yii-1.1.1 drwxr-xr-x 19 root root 720 21. Jun 15:06 yii-1.1.2 drwxr-xr-x 19 root root 720 15. Jul 15:44 yii-1.1.3 lrwxrwxrwx 1 root root 9 5. Jul 14:27 yii-latest -> yii-1.1.3 drwxr-xr-x 20 root root 744 5. Jul 03:50 yii-svn drwxr-xr-x 17 root root 648 1. Apr 20:55 yii-svn-1.0
Now i have "global" access to all Yii versions and can switch them in the index.php very easily:
$dir=dirname(__FILE__); $mainconf=require($dir.'/protected/config/main.php'); $localconf=require($dir.'/protected/config/localconf.php'); if (defined('YII_DEBUG') && YII_DEBUG) ini_set('error_reporting',E_ALL | E_STRICT); //require('yii-1.0.9/yii.php'); //require('yii-1.0.10/yii.php'); require('yii-1.1.3/yii.php'); require($dir.'/protected/helpers/globals.php'); $config=CMap::mergeArray($mainconf,$localconf); Yii::createWebApplication($config)->run();
Posted 24 July 2010 - 11:02 PM
While that is useful, I don't have a PHP include path available to me from this host. I will keep it in mind for when I get a VPS though.
Edit: Unless you mean the include path in the application's configuration? I'm thinking of PHP's include path as reported by phpinfo()
Posted 25 July 2010 - 03:35 AM