
I'm very aware of the benefits of running different websites under different user accounts to limit the damage if a single web application is compromised. I have been instructed to install a WordPress blog on our main corporate domain as a subfolder (example.com/blog) of the domain and not as a subdomain (I believe this is an SEO strategy). I must partition the blog from the main ecommerce site (which has access to our user accounts database), but I can't see a clear way to do it with suexec.

The only thought I have is to install the blog on a separate server and use mod_proxy on the main site as a reverse proxy. However, this means that we would have to maintain the main website template in two separate places (the blog has to be integrated with the main site with the same header, footer etc.). If this is the only solution, then it's probably the path I will choose, but if anyone has any other ideas I would greatly appreciate them.

Michelle

2 Answers


First of all make sure that the ecommerce and blog have separate databases and separate MySQL accounts. Make sure that these accounts don't have access to each other or to the database named mysql. Make sure neither of them has FILE privileges, which is the most dangerous privilege you can give a web application; in this case even if Apache/PHP was locked down an attacker could use MySQL to read and write files to the other application.

The deal with suexec is that a PHP application runs as a specific user. This is ideal for shared hosting, and for what you are doing. Basically create 2 user accounts, and have 2 application directories. Make sure that these users cannot access each other's directories (something like chown wordpress -R /var/www/blog && chmod 550 -R /var/www/blog). Then provide suexec with the proper configuration.

I'd also run phpsecinfo, and disallow shell access to both accounts by setting their shell to /bin/false. Finally, consider installing a WAF like mod_security.

Rook
  • Suexec is indeed the obvious solution however the problem is that suexec is configured at the virtual host level and how are we supposed to create a /blog directory under a different virtual host? – Michelle Feb 23 '11 at 10:06

The reverse proxy is probably the way to go -- even if the blog uses the same header and footer look and feel, it probably does not share the same exact coding, so you will have the problem of 2 codebases any way you want to carry it.

Personally, I would set up a front-end spearcatcher and reverse proxy all requests for everything, so all the app servers are in effect double firewalled.

Wyatt Barnett
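The two answers and Michelle's comment combine naturally: suexec is set per virtual host, so the blog gets its own vhost bound to a loopback port and running as its own user, and the public vhost reverse-proxies example.com/blog to it. The configuration below is an added example written for this thread, not something posted by Rook, Wyatt Barnett or Michelle. The user names (shop, blog), the loopback port 8081, the filesystem paths and the PHP wrapper name are assumptions; the paths must sit under the document root that suexec was compiled with (check with suexec -V).

```apache
# Added example (not from any of the posts above): one Apache instance hosts
# the ecommerce site and the WordPress blog as two separate suexec virtual
# hosts, and the public vhost reverse-proxies /blog to the blog vhost.
# User names, ports and paths are assumptions; adjust them to your layout.
#
# Modules assumed loaded: mod_suexec, mod_actions, mod_alias, mod_cgi (or
# mod_cgid), mod_proxy, mod_proxy_http.

# Reverse proxy only; never act as an open forward proxy.
ProxyRequests Off

# ---- Ecommerce site: PHP executes as system user "shop" -------------------
<VirtualHost *:80>
    ServerName example.com
    DocumentRoot /var/www/shop/htdocs
    SuexecUserGroup shop shop

    # PHP runs as a CGI through a wrapper owned by "shop". suexec refuses a
    # script that is not owned by the target user, is setuid, or lives in a
    # directory writable by anyone else. The wrapper is two lines:
    #   #!/bin/sh
    #   exec /usr/bin/php-cgi
    ScriptAlias /php-bin/ /var/www/shop/cgi-bin/
    Action php-shop /php-bin/php-wrapper
    AddHandler php-shop .php
    <Directory /var/www/shop/cgi-bin>
        Options +ExecCGI
    </Directory>

    # /blog is answered by the blog vhost, so blog code never executes as
    # "shop" and never sees the ecommerce files or credentials.
    # ProxyPreserveHost keeps the Host header as example.com, which WordPress
    # needs when its site URL is configured as http://example.com/blog.
    ProxyPreserveHost On
    ProxyPass        /blog http://127.0.0.1:8081/blog
    ProxyPassReverse /blog http://127.0.0.1:8081/blog
</VirtualHost>

# ---- WordPress: PHP executes as system user "blog", loopback only ---------
Listen 127.0.0.1:8081
<VirtualHost 127.0.0.1:8081>
    ServerName example.com
    # WordPress is installed in /var/www/blog/htdocs/blog so the URL path
    # matches the public /blog prefix without any rewriting.
    DocumentRoot /var/www/blog/htdocs
    SuexecUserGroup blog blog

    # Same wrapper pattern, owned by "blog" this time.
    ScriptAlias /php-bin/ /var/www/blog/cgi-bin/
    Action php-blog /php-bin/php-wrapper
    AddHandler php-blog .php
    <Directory /var/www/blog/cgi-bin>
        Options +ExecCGI
    </Directory>
</VirtualHost>
```

Because the blog vhost listens only on 127.0.0.1, the only path to WordPress is through the public vhost's ProxyPass, and a compromise of the blog is contained to the blog user and its directory tree (owned by blog, not readable by shop, as Rook's chown/chmod suggests). On Apache 2.4 the two <Directory> blocks also need `Require all granted` unless an enclosing block already grants access. The MySQL side of Rook's answer (separate databases, separate accounts, no FILE privilege) is independent of this configuration and still has to be applied in the database.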