The PHP service is a specialist facility provided to allow staff to host and manage PHP applications.
PHP files are accessed via php.york.ac.uk.
You must be a member of staff to request this service.
The PHP service includes a dedicated virtualised PHP server and storage.
This service should only be requested if the other web content services provided are not suitable for your requirements.
The primary services we offer for publishing information on the web are:
You might also wish to consider other services we support, such as:
The PHP service is provided for circumstances where it is not appropriate or possible to use these services.
Please note, you will be need to write, manage and monitor your own PHP applications - we are unable to provide this as part of the service we offer.
Their message should include the web account name for authorisation, and why the CMS or ColdFusion are not suitable for your needs.
Please allow five days for us to set up your access.
PHP files are accessed via php.york.ac.uk (not www.york.ac.uk).
You can browse to your PHP site by going to http://php.york.ac.uk/fs/accountname or http://php.york.ac.uk/youryorkweb/path
Files and directories should not be world read, write or executable and it is advised that you avoid granting "other" any privileges.
Your PHP applications and code may need updated or revised when the service is upgraded or due to new security risks.
You will need someone with PHP knowledge to maintain your site.
MySQL databases are often used with PHP. MySQL is a separate service offered by IT Services.
You can request a MySQL database by contacting the Library & IT Help Desk.
PHP has been installed with the following options:
Other libraries can be added if required.
safe_mode is not enabled, however, open_basedir restricts file i/o to the your filestore area.
Some other insecure functions have been disabled.
We also run ModSecurity with the Core Ruleset and are firewalled for outgoing connections which can be adjusted depending on your requirements.
php.york.ac.uk has a SSL certificate which you can use to encrypt data transmission simply by using https:// instead of http://
You are encouraged to use this for transactions that include sensitive information or logins.
Library & IT Help Desk
If there are any problems with the PHP service, get in touch with the Library & IT Help Desk.
|Service status||Live and supported service.|
|Hours of service||24/7|
|Service support||For help and support with this service, contact the Library & IT Help Desk.|
|Hours of support||Help from the Library & IT Help Desk is available 9am to 5pm, Monday to Friday.|
General IT Services targets:
A highly available VMWare cluster provides resilience.
All data is backed up in line with our standard backup policies.
|Security can only be maintained as long as you deploy secure code and keep third party applications up to date.|
|Review cycle||Reviewed annually.|
Our service standards have been produced in consultation with our customers, and monitor the quality, timeliness and access to facilities and services:
If you wish to give us general feedback on this service, please see our Feedback page for ways to get in touch.
If you wish to make a complaint, please see our complaints procedure.
PHP is a widely used web scripting language and there are many known vulnerabilities to be exploited.
You should take regular backups of your files and MySQL database (if you have one).
You should also carefully consider the security of private or personal information and contact IT Services if you have any concerns.
It is the account owner's responsibility for all installation, configuration, administration and security of third-party applications.
You must ensure that all security issues are addressed quickly and that patches are applied which fix problems with the application.
If this is not done, in the interests of security we may de-activate the account until the situation is resolved.
IT Services cannot provide direct support for your applications but can advise on security best practice. Please contact the Library & IT Help Desk for more information.
We recommend you read: