PDA

Click to See Complete Forum and Search --> : Setting up PHP5 (Wamp) server looking for suggestions.

dmacman1962
07-11-2006, 03:38 PM
Hi Everyone,

We are setting up our own ISP (server) with Windows 2003 Standard Edition, Ms SQL 2005 and Wamp and our consulting company is setting up the hardware (and 2003 server software along with MS SQL 2005) and I am going to setup WAMP on it (with PHP5) and was looking for feedback on the PHP5 settings.

Has anyone setup a 'true server' like this?

I have my personal machine with WAMP and PHP5 but it is not hosted on the Internet only our Intranet, so I am safe with the standard settings and not concerned about security or speed.

I appreciate the answers.

Thanks,
Don
thorpe
07-11-2006, 09:50 PM
Has anyone setup a 'true server' like this?
Sorry, but it must be said. A true server does not run on windows. That in itself is a security floor.

As for your question, your main priorities should be that of your firewall, followed by that of your server followed by that of your php settings.

Honestly... if you need to ask these questions (especially in a php forum) you ARE going to be hacked and set upon. Your first line of defence ought to be iptables... learn it.
dmacman1962
07-12-2006, 08:52 AM
Hi Thorpe,

Thanks for the feedback, but I think I may have been too vague.

Our IT company is very good at setting up (sorry to say and I agree with your comment) windows 'servers.' So they will take care of the firewall, ip tables, windows "security" again, I mention this loosely.

What I was looking for were the basic (best) settings outside the obvious, like magic quotes off, etc.

Unfortunately, the company I work with has their entire CMS software running on MS SQL and they were forced to get a windows server.

I tried, and failed at getting their system to work with a unix server (hosting php5 and MySQL) so they ended up going this route.

They are not as savy with PHP as most of the power-users here, so I decided to ask the question.

Any other suggestions?

Thanks,

Don

Note: What I meant by 'true server' was that they "were" using an intranet server for their CMS software and now that will reside on the Internet server(still hosted at their location, but also serving their website). (They must do this so I can access their database for forms via the internet).