Hello, Just have some question about security of a Nginx + Php-fpm setup : After some search I find that for each client, a nginx pool is created but what about php ? Is a php conf file created for each new client/website ? For each conf, is a new port or socket file created/set (with permission) ? Thanks for enlighten me, HerveM
For better security you can enable suexec for a user account i do nothing than just check that box when create account in ISPConfig (latest stable version) And php will be executed with owner client client 1 is web1 got web1.conf in /etc/php5/fpm/pool.d without do nothing elese Code: listen = /var/lib/php5-fpm/web1.sock listen.owner = web1 listen.group = client1 listen.mode = 0660 so all best practices i read for are included, just check suexec box
Ok for each user, a nginx + php conf are created.. Did someone know how to set a default pool (used by all new created account)? HerveM
Each website has its own linux user and php runs under this linux user. So each site is separated from other ites by default.
