Securing PHP in Multi-Website Environment
Posted by: jmweb (
Date: October 24, 2019 10:58AM

As the title states, how would one go about securing PHP in a multi-website WAMP environment? What I am attempting to achieve is a setup similar to what one would do using PHP-FPM - separate pools assigned to specific users that restrict file system access. Although I do not use WampServer, I do have a WAMP stack and I am hoping the WamServer gurus - in their infinite wisdom - can help.

My setup is pretty straightforard. One VirtualHost per website using mod_fcgid with:

AddHandler fcgid-script php
FcgidWrapper "PATH_TO__php-cgi.exe"

mod_fcgid allows me to specify PHP_INI_SCAN_DIR per VirtualHost and I use this to set open_basedir to lock it into it's DOCUMENT_ROOT. Unfortunately, this setting carries a huge performance cost that has come to bite me.

I would love to somehow configure mod_fcgid in such a way to be able to disable open_basedir without losing the file access prevention benefits it provides.

So, I ask the community - how does WampServer secure PHP in multi-website environments?


Options: ReplyQuote

Sorry, only registered users may post in this forum.