Are you running a multi-user hosting service? If so you can create include files on a per-user or per-domain basis. Use the Apache config directive php_value to set your include_path and open_basedir appropriately for each account; and other options as desired. I don't know of a particular site, but that is the config framework that Plesk uses. As for building PHP, make sure you run the testing battery ('make test' after you 'make' and before you 'make install') in order to see how 'hardened' your build is. On Sat, 2007-10-20 at 21:00 -0400, Grant wrote: > Hi all, > > You've all likely heard this before...."I was hacked..." , "Had register > globals on..." etc etc. > > Well, this is true of me as well. > > Does anyone know of a site that would help a semi professional lock down > php, i.e. > > Perhaps how to install phpsuexec, > > Jail users to only have the ability to read/write to thier own files and > directories, > > php.ini directives that have simiar affect as mentioned above. > > Any help appreciated. > > -Grant > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php