We've addressed open_basedir to sandbox one site's PHP from another. Here's another damage limitation exercise, this time using an Apache module such as SuPHP or FastCGI.
These and similar modules work by making a site's PHP files run as the user who owns them rather than as the Apache group. That way, if one of your .php scripts is manipulated, the damage is limited to your files without affecting my files or those of other users. PHP running as Apache, on the other hand, has at least some level of access to web files server-wide, so a compromised script carries a greater risk of the attack spreading.
Clearly that's useful and, accordingly, SuPHP is widely employed by shared web hosts. Equally, modules like this spread the risk if you host a bunch of your own sites. Simply create a new user for each and, once set up, a module like SuPHP creates the barrier.
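The per-user barrier only holds if each site's files really belong to that site's user and nobody else can write to them. The script below is an added example, not part of the original page or of SuPHP: it assumes one Unix account and one docroot per site, and flags PHP scripts with the wrong owner plus anything writable by group or others.

```sh
#!/bin/sh
# Added example: audit one site's docroot for things that undermine per-user PHP isolation.
# Assumption (not from the page): each site has its own Unix account and its own docroot.

# audit_site USER DOCROOT
# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
audit_site() {
    site_user=$1
    docroot=$2
    findings=$(
        # A .php file owned by someone else would run as that owner, not as the site user.
        find "$docroot" -type f -name '*.php' ! -user "$site_user" -print |
            sed 's/^/WRONG_OWNER: /'
        # Group- or world-writable files and directories let another account alter this site's code.
        find "$docroot" \( -type f -o -type d \) \( -perm -020 -o -perm -002 \) -print |
            sed 's/^/GROUP_OR_WORLD_WRITABLE: /'
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Demo on a constructed tree (sample files made up for this example): sh audit.sh demo
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/site1" && chmod 755 "$tmp/site1"
    printf '<?php echo "ok";\n' > "$tmp/site1/index.php"
    chmod 644 "$tmp/site1/index.php"
    printf '<?php // constructed sample\n' > "$tmp/site1/upload.php"
    chmod 666 "$tmp/site1/upload.php"   # deliberately world-writable, so it gets flagged
    audit_site "$(id -u)" "$tmp/site1"
    status=$?
    rm -rf "$tmp"
    return "$status"
}

case "${1:-}" in
    demo) demo ;;
    "")   : ;;                          # no arguments: only define the functions
    *)    audit_site "$1" "$2" ;;       # e.g. sh audit.sh site1user /path/to/site1/docroot
esac
```

Run it once per site account after creating the users; a clean site prints nothing and exits 0.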