Announcement of PHP security vulnerability (CVE-2012-1823)

By | Company News, Technical | No Comments

One of our sysadmins picked up the disclosure of this PHP vulnerability last week. It’s kind of important, so we thought we’d share it with you. Eindbazen PHP-CGI advisory (CVE-2012-1823) It’s interesting because a default mod_php installation isn’t vulnerable, but a fairly common deployment technique using php-cgi is (because it’s sane and not a gaping […]

Read More

PHP on shared hosting – doing it better

By | Technical | No Comments

Large scale shared hosting with an out-of-the-box install of apache and PHP is a recipe for security-disaster; this is not news. The solution is to run each website’s code separately so they can’t affect each other. This is pretty common nowadays but it wasn’t always the case with many providers. Anchor’s been doing this for […]

Read More