Improve LAMP security with mod_proxy

If you are a webmaster who hosts sites for other people, whether they are customers or just friends and family, you may have been in the situation where one person's bad code brought down the whole server. Even if that hasn't happened, there are security risks inherent in shared hosting.

Nick Maynard at IBM has written Improve LAMP security with Apache Proxy's directive (mod_proxy), showing how virtual hosting with multiple user IDs is possible. The article takes as its premise that you are using Apache's mod_php rather that plain CGI scripts, and therefor the "suExec" option will not work for you. The techniques that he describes are not limited to use in a PHP environment. I have used a similar setup to host multiple mod_perl developers on the same system without stomping on each other.

This is an excellent how-to for webmasters, complete with example configuration files, detailed explanation, and numerous links to additional sources. Highly recommended.