The PHP safe mode is an attempt to solve the shared-server security problem. When safe_mode is on, PHP checks to see if the owner of the current script matches the owner of the file to be operated on by a file function or its directory.

It is necessary that PHP safe_mode is On by default on a Server running in a shared environment. There are many scripts which are not compatible with safe_mode On need it Off. Following guide will show you PHP safe_mode customization.

After installing & compiling PHP with Apache we have to enable PHP safe_mode. To activate safe_mode globally on the server:

1) Find the path for PHP configuration file .i.e. ‘php.ini‘

# php -i | grep php.ini

The above commaned will shoe the location of php.ini, it generally located at /usr/local/Zend/etc/php.ini.

2) Edit the php.ini file.

vi /usr/local/Zend/etc/php.ini

3) Search for line safe_mode.

4) Enable safe_mode set it to On.

safe_mode = On

5) Save the file & restart apache service.

Enable/disable safe_mode for a particular account.

PHP safe_mode can be enabled/disabled for a particular account by adding the php value in the .htaccess file of the particular account.

php_flag safe_mode On OR php_value safe_mode On

Many times due PHPSuExec enabled on the server, adding php value to the .htaccess file of the account give Internal Server Error on the site. The following steps will show you how to use Apache configuration file ‘httpd.conf’ to enable/disable safe_mode.
Using PHP as an Apache module, the configuration settings can be changed using Apache configuration file ‘httpd.conf’.

1) Once your SSH to your server as root, go the httpd.conf file which is generally located at /usr/local/apache/conf or its symlink /etc/httpd/conf.

2) Open the httpd.conf file in an editor.

vi /usr/local/apache/conf/httpd.conf

3) Find the VirtualHost entry of the domain for which you have to enable/disable safe_mode. The VirtualHost entry will look like:

ServerAlias www.eukhost.com eukhost.com
ServerAdmin webmaster@eukhost.com
DocumentRoot /home/euk/public_html
BytesLog domlogs/eukhost.com-bytes_log
ServerName www.eukhost.com
User euk
Group euk
CustomLog domlogs/eukhost.com combined
ScriptAlias /cgi-bin/ /home/euk/public_html/cgi-bin/

4) Add these line:

php_admin_flag safe_mode Off

OR

php_admin_flag safe_mode 0

5) After adding the above line, the VirtualHost entry will look like:

ServerAlias www.eukhost.com eukhost.com
ServerAdmin webmaster@eukhost.com
DocumentRoot /home/euk/public_html
BytesLog domlogs/eukhost.com-bytes_log
ServerName www.eukhost.com

php_admin_flag safe_mode Off

User euk
Group euk
CustomLog domlogs/eukhost.com combined
ScriptAlias /cgi-bin/ /home/euk/public_html/cgi-bin/

6) Save the file & restart apache.

Web Caches are used to reduce latency & network trafiic. Web Cache saves copies of the responses such as the HTML & PHP pages, images or files which are browsed through web browser. When ever there is another request for the same file or the same url, the saved copy of the response is used instead of asking the web server for it. Web Cache sits between web servers and a client and watches requests come by, saving copies of the responses.

Using Web Cache reduces latency as the requested file or url is served from the cache instead from the web server. This reduces the time which makes the Web more responsive. Web cache also reduces the tarffic which reduces the bandwidth consumption. This surely makes the web hosting in uk cost effective.

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that can be freely used, copied, modified and distributed. Its license is compatible with the GPL. It runs on all major operating systems. The functionality of ImageMagick is typically utilized from the command line or the features can be used from programs written in any programming language.

ImageMagick, version 6.2.9, is a software suite to create, edit, and compose bitmap images. It can read, convert and write images in a variety of formats (about 100) including GIF, JPEG, JPEG-2000, PNG, PDF, PhotoCD, TIFF, and DPX. ImageMagick can be use to translate, flip, mirror, rotate, scale, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves.

Features:

• Format conversion: convert an image from one format to another (e.g. PNG to JPEG).
• Transform: resize, rotate, crop, flip or trim an image.
• Transparency: render portions of an image invisible.
• Draw: add shapes or text to an image.
• Decorate: add a border or frame to an image.
• Special effects: blur, sharpen, threshold, or tint an image.
• Text & comments: insert descriptive or artistic text in an image.
• Image identification: describe the format and attributes of an image.
• Animation: create a GIF animation sequence from a group of images.
• Composite: overlap one image over another.

Site: http://www.imagemagick.org

Zend Guard is the most widely distributed PHP encryption product on the market. Available for over 7 years, Zend’s dedicated team of developers makes it the most stable and robust encoder on the market. It protects PHP 4 and PHP 5 applications from reverse engineering, unauthorized customization, unlicensed use and redistribution.

The Zend Guard, with its key components of Encoding, Obfuscating and Licensing, make this distribution worry free.

Site: http://www.zend.com

The Zend Optimizer is a free application that runs the files encoded by the Zend Guard while enhancing the performance of PHP applications.
Zend Optimizer goes over the intermediate code generated by the standard Zend run-time compiler and optimizes it for faster execution. In addition, the Zend Optimizer enables PHP to load and execute files encoded by using Zend Gaurd. The standard Zend run-time compiler used by PHP is indeed extremely fast, generating code that is usually 2 to 10 times faster. But an application that uses the Zend Optimizer typically executes another 40% to 100% faster.

The current version of the Zend Optimizer works with PHP versions 4.2.x through version 4.4.x and versions 5.0.x, 5.1.x that are compiled without debug support (the default configration of the standard PHP package). OS X Mac supports PHP versions: 4.3.x through 5.1.x.

Site: http://www.zend.com

PHPSuExec does for PHP Scripts what SuExec does for Perl files.

PHPSuExec makes files run under a specific user account, as opposed to the Apache user account (generally nobody). This is a great help, as we know that when we create any files/folders through any PHP script, it is created with apache (nobody) as the owner. With PHPSuExec, these files are properly owned by the user under which they are created. This allows us to better monitor the resource usage of accounts.

The security hole of PHP.