- Plesk for Linux
mod_php Apache modules are not installed by default.
Why are not they installed?
Starting from Plesk 12.5, the following changes were made in terms of Apache modules:
mod_pythonare not included.
mod_phpstill included, but disabled by default.
It was done for security reasons.
Why using these Apache modules on shared hosting is insecure:
mod_pythonrun under account of Apache server, and therefore scripts executed by these modules can potentially access any user file. For example, files containing highly confidential personal data can be read by a script from another domain.
Security of database connections. Database connections of other users can be hijacked, and since all users can read each other's code, database usernames and passwords are visible to any user.
Potential system compromising. Due to security issues in Apache code (it can be resolved by using jails or chroot mechanisms).
Which options to use Perl and Python remain:
By default, Python and Perl are handled by FastCGI (
module). For Python, it is also possible to use Application server (this option is described in this article ).
Note: If an application is designed for using with
mod_python, updating its code can be required.