After looking into how to prepare my LAMP server for production use, one of the things I saw that was suggested was to use Bastille Hardening. It seems that v3.2.1 is not functioning properly and is missing an API folder. The errors that I receive are the same as described in this link: http://sourceforge.net/tracker/?func=detail&aid=2767305&group_id=403&atid=100403
This is the error that starts the problems:
Error message: Can't locate Bastille/API.pm in @INC
Judging by the bugs reported on SF, it's a common problem. Does anyone know a fix to this or are there some alternatives that I can use to help secure my server for production use? Would using an earlier version help?
I was also planning on running the following after Bastille: http://php-security-audit.com/script/view/
Yeah, the RPM seems to be missing some needed .pm files - I was able to find the API.pm file and edit the bastille script to have the right "use lib" statements to get it, but then it failed to find some other necessary bits and pieces.
The source tarball, from here seems to work though. I'm on a Centos 5.5 x86_64 system.