Results 1 to 14 of 14
Thread: PHP suEXEC
-
11-13-2004, 05:23 PM #1WHT Addict
- Join Date
- Jun 2004
- Posts
- 113
PHP suEXEC
Hi!
I would like to install phpsuexec to my server, but some of my customers' websites break after installation.
Is there a way to allow php suexec per website/ip?
Thanks,
Mike
-
11-13-2004, 05:52 PM #2Web Hosting Master
- Join Date
- Mar 2004
- Location
- Los Angeles
- Posts
- 622
In Phpsuexec you can not run 777 chmoded files, that must be the reason of it. I think its not possible to allow it per site, but if someone knows a way you will find it here.
-
11-13-2004, 06:06 PM #3Aspiring Evangelist
- Join Date
- Apr 2004
- Location
- Australia
- Posts
- 419
Not unless you compile a seperate php and apache for each user =| which would be a massive waste of resources and a massive waste of time. The only other way, if it would work, would be to add it to the virtualhost directive, but i don't know if it would parse it there.
-
11-14-2004, 01:00 AM #4Web Hosting Master
- Join Date
- May 2001
- Location
- HK
- Posts
- 3,082
phpsuexec doesn't depend on the SuexecUserGroup set in the virtualhost directives in httpd.conf.
The scripts do not work is because:
1.) The scripts has writable permission. Even without phpsuexec, your script shouldn't make it writable. 0644 would be the best choice for php script permission.
2.) The file the php script is reading / writing to it is owned by the http user (e.g apache / nobody). Therefore, php scripts may not be able to read / write to the files.
-
11-14-2004, 01:27 AM #5Web Hosting Evangelist
- Join Date
- Nov 2003
- Posts
- 518
Or they have directives in their .htaccess file for php items such as
php_value
php_flag
which no longer work with php_suEXEC as .htaccess is for apache.
If this is the case, they will have to add a php.ini file to the directory where the php script is with these directives.
-
11-14-2004, 06:16 AM #6Web Hosting Master
- Join Date
- Jul 2002
- Posts
- 1,443
We generally have a small server for non PHPSUEXEC users. I think its a great idea and less headache.
Synergy Blue LLC
SonataWeb.net | SynergyBlue.com
USA should so something about: http://www.brillig.com/debt_clock/
-
11-14-2004, 06:40 AM #7WHT Addict
- Join Date
- Jun 2004
- Posts
- 113
Thanks for your replies!
If I get it right, there are 3 things that I must do:
1) Change the files permissions to 0644
2) Change the owner/group from nobody/nobody to user/usergroup
3) Remove any php_flag php_value directives from .htaccess and place a php.ini file that sets the same directives
Will it work if I do the above?
OR alternatively
Rent one more server for phpsuexec users.
-
11-14-2004, 09:25 AM #8Web Hosting Master
- Join Date
- Nov 2004
- Location
- Australia
- Posts
- 1,737
People seem to be going for suPHP over phpsuexec these days, if you're going to all the trouble of doing a changeover you might be better server by going for suPHP.
suPHP - maintained, works better than phpsuexec
phpsuexec - maintainer is no longer maintaining it, will go the way of the dinosaur soon ...
-
11-14-2004, 10:09 AM #9WHT Addict
- Join Date
- Jun 2004
- Posts
- 113
i want to go all this trouble because I need to evfaluate and maybe purchase lpanel. Lpanel only supports phpsuexc at the moment.
-
11-14-2004, 01:56 PM #10Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
you dont need phpsuexec to install lpanel. they recommend it but its not required.
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
11-14-2004, 02:14 PM #11WHT Addict
- Join Date
- Jun 2004
- Posts
- 113
Originally posted by thelinuxguy
you dont need phpsuexec to install lpanel. they recommend it but its not required.
It is listed as a requirement in this page:
http://www.lpanel.net/forums/viewtopic.php?t=994
I can not make it work, and i assume it is the phpsexec.
-
11-14-2004, 03:34 PM #12Web Hosting Evangelist
- Join Date
- Nov 2003
- Posts
- 518
According to that post - it looks like they're just saying either suexec or phpsuexec is needed. But you must be running one of them.
*shrugs*
-
11-14-2004, 03:38 PM #13Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
Originally posted by misti
Are you sure about it?
It is listed as a requirement in this page:
http://www.lpanel.net/forums/viewtopic.php?t=994
I can not make it work, and i assume it is the phpsexec.Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
11-14-2004, 06:56 PM #14Web Hosting Master
- Join Date
- May 2001
- Location
- HK
- Posts
- 3,082
IMO, it is better to have it~~ If there are files that have passwords in it, without suPHP / phpsuexec, then you have to make the file readable to the http user~! The problem is that anyone on the shared server can read your password files using their own scripts~ With suPHP, you can chmod 0600 the password file so that nobody can read it other than yourself~~~
Last edited by YUPAPA; 11-14-2004 at 07:00 PM.