Applicable to:
- Plesk for Linux
Question
mod_perl
, mod_python
, mod_php
Apache modules are not installed by default.
Why are not they installed?
Answer
Starting from Plesk 12.5, the following changes were made in terms of Apache modules:
-
mod_perl
andmod_python
are not included. -
mod_php
still included but disabled by default.
It was done for security reasons.
Why using these Apache modules on shared hosting is insecure:
-
File security.
mod_php
,mod_perl
, andmod_python
run under the account of Apache server, and therefore scripts executed by these modules can potentially access any user file. For example, files containing highly confidential personal data can be read by a script from another domain. -
Security of database connections.
Database connections of other users can be hijacked, and since all users can read each other's code, database usernames and passwords are visible to any user. -
Potential system compromising.
Due to security issues in Apache code (it can be resolved by using jails or chroot mechanisms).
Which options to use Perl and Python remain:
1. By default, Python and Perl are handled by FastCGI ( mod_fcgid
module).
2. For Python, there is no special binary and, therefore, it has to be done inside the script itself. So it is necessary to add the required code into the .py
file or use mod_wsgi
(as described in this article).
3. For Python, it is also possible to use the Application server (this option is described in this article ).
4. As an alternative for Python support, consider using mod_wsgi
which is part of CentOS and also allows Python apps to run under Apache.
Note: If an application is designed for use with mod_perl
or mod_python
, updating its code can be required.
Comments
0 comments
Please sign in to leave a comment.