Edit virtual host file using php

Question

I have a php application and somethings related to the application need changes to vhost.conf file.

Presently i'm making the changes manually. But i would like to automate it using a php script.

Is this advisable? I want to know the security complications involved.

Answer 1

It's certainly possible. As long as PHP (probably running under Apache) has access to the virtual hosts config file it's as simple as appending data to the file and calling exec('sudo apache2 restart');.

Is it advisable? No. If you're accepting any type of user input you're opening yourself up to a security vulnerability if you miss even one piece of input sanitation. Even if you lock down the page to require authentication there could be something you missed.

If you want to make it easier to manage the virtual hosts use some sort of administration software.

What purpose would you need to automatically make vhosts, anyway?