include_host_config and security apache

maro · September 17, 2008, 05:48:55 AM

Hi, does anybody have an experience with include_host_config setting? or using RC by more hosted domains?

If I am running apache under domainID:domainGID i would have to grant him read premission to config.inc.php which can lead to security hole.

Can anybody provide me a solution or correct me if I am wrong... Thanks

Sorry, I've post in wrong section....

maro · September 17, 2008, 07:30:21 AM

I did not know about precedence of /etc/sites-enabled/* file.
I enabled 0-email.conf with servername and some serveralias. now it works fine. I am using standard www-data:www-data so there is no problem with unrestricted access to another domain, uff

include_host_config and security apache

maro

maro