[SWLUG] Restart Apache from php
Toby Maxwell-Lyte
Toby.Maxwell-Lyte at eazyweb.net
Fri Jan 21 10:51:07 UTC 2005
Hi,
Thanks for the feedback.
I guess I could store the desired domain names in a mysql db.
I could write a perl script that checked this db for entries and then
created new virtual hosts accordingly.
I could then setup a cronjob to run this script every 5 minutes.
This would eliminate the need for PHP to invoke any commands at all.
What do you reckon?
Cheers
Toby
On 21 Jan 2005 at 10:42, Terry John wrote:
> PHP is inherently insecure. I will explain why I say this.
>
> If you allow user input via a form and the at any point display the
> result you can have problems. If the user inputs somthing like
>
> < ?php {Any PHP commands} ?>
>
> The he has control of your system. There is a way around this using
> the "strip_tags" commend after every user input but you have to be
> very careful.
>
> I would be a little shy about letting anyone other than root have
> write access to the config files but that's just me. :-)
>
> Although "Graceful" is very good I've had problems especially if there
> are script errors. A better command is to "reload" which doesn't close
> the server but just reloads the config.
>
> Terry
>
> -----Original Message-----
> From: discuss-bounces at swlug.org.uk
> [mailto:discuss-bounces at swlug.org.uk] On Behalf Of Toby Maxwell-Lyte
> Sent: 21 January 2005 08:41 To: discuss at swlug.org.uk Subject: [SWLUG]
> Restart Apache from php
>
>
> Hi All,
>
> I have written a script that will add a virtual host to my httpd.conf
> include directory. I would like to be able to envoke this script from
> php so that I can quickly and eazily set up new subdomains. Having
> done this I would then like to automatically issue a "apachectl
> graceful" so that apache rereads httpd.conf. I am aware that I can use
> the php exec() function but want to be sure that I don't cause any
> security loopholes.
>
> httpd.conf contains a line that includes the subdir virtual/*.conf My
> script creates a .conf file in the /etc/httpd/conf/virtual directory
> with the relevant docroot, logfile location etc. It takes the domain
> name and docroot as parameters.
>
> I've had a good google around but haven't turned up anything useful.
>
> Any suggestions would be much appreciated,
>
> cheers
> Toby
>
>
> --
> Toby Maxwell-Lyte Project Manager
>
> --/--/--/-- e a z y w e b --/--/--/--
> M u l t i m e d i a & W e b D e s i g n
> info at eazyweb.net http://www.eazyweb.net
> http://www.eazycms.com
> Tel: +44 (0)29 20344006 Fax: +44 (0)29 20344008
>
> For all your digital design needs...
>
> This E-mail may contain confidential and/or privileged information. It
> is only intended for the use of the Addressee. If you are not the
> addressee, the disclosure, copying or delivering of this to any one
> else is strictly prohibited and may be unlawful. If you have received
> this E-mail in error, please delete immediately.
>
> _______________________________________________
> SWLUG Discussion List - Discuss at swlug.org.uk
> http://list.swlug.org.uk/mailman/listinfo/discuss
>
> http://www.bbc.co.uk/
>
> This e-mail (and any attachments) is confidential and may contain
> personal views which are not the views of the BBC unless specifically
> stated. If you have received it in error, please delete it from your
> system. Do not use, copy or disclose the information in any way nor
> act in reliance on it and notify the sender immediately. Please note
> that the BBC monitors e-mails sent or received. Further communication
> will signify your consent to this.
--
Toby Maxwell-Lyte Project Manager
--/--/--/-- e a z y w e b --/--/--/--
M u l t i m e d i a & W e b D e s i g n
info at eazyweb.net http://www.eazyweb.net
http://www.eazycms.com
Tel: +44 (0)29 20344006 Fax: +44 (0)29 20344008
For all your digital design needs...
This E-mail may contain confidential and/or privileged
information. It is only intended for the use of the
Addressee. If you are not the addressee, the disclosure,
copying or delivering of this to any one else is strictly
prohibited and may be unlawful. If you have received this
E-mail in error, please delete immediately.
More information about the Swlug
mailing list