Results 1 to 14 of 14

Thread: PHP suEXEC

  1. #1
    Join Date
    Jun 2004
    Posts
    113

    PHP suEXEC

    Hi!
    I would like to install phpsuexec to my server, but some of my customers' websites break after installation.
    Is there a way to allow php suexec per website/ip?

    Thanks,
    Mike

  2. #2
    Join Date
    Mar 2004
    Location
    Los Angeles
    Posts
    622
    In Phpsuexec you can not run 777 chmoded files, that must be the reason of it. I think its not possible to allow it per site, but if someone knows a way you will find it here.

  3. #3
    Join Date
    Apr 2004
    Location
    Australia
    Posts
    419
    Not unless you compile a seperate php and apache for each user =| which would be a massive waste of resources and a massive waste of time. The only other way, if it would work, would be to add it to the virtualhost directive, but i don't know if it would parse it there.

  4. #4
    Join Date
    May 2001
    Location
    HK
    Posts
    3,082

    Smile

    phpsuexec doesn't depend on the SuexecUserGroup set in the virtualhost directives in httpd.conf.

    The scripts do not work is because:
    1.) The scripts has writable permission. Even without phpsuexec, your script shouldn't make it writable. 0644 would be the best choice for php script permission.

    2.) The file the php script is reading / writing to it is owned by the http user (e.g apache / nobody). Therefore, php scripts may not be able to read / write to the files.

  5. #5
    Join Date
    Nov 2003
    Posts
    518
    Or they have directives in their .htaccess file for php items such as

    php_value
    php_flag

    which no longer work with php_suEXEC as .htaccess is for apache.

    If this is the case, they will have to add a php.ini file to the directory where the php script is with these directives.

  6. #6
    Join Date
    Jul 2002
    Posts
    1,443
    We generally have a small server for non PHPSUEXEC users. I think its a great idea and less headache.
    Synergy Blue LLC
    SonataWeb.net | SynergyBlue.com
    USA should so something about: http://www.brillig.com/debt_clock/

  7. #7
    Join Date
    Jun 2004
    Posts
    113
    Thanks for your replies!

    If I get it right, there are 3 things that I must do:
    1) Change the files permissions to 0644
    2) Change the owner/group from nobody/nobody to user/usergroup
    3) Remove any php_flag php_value directives from .htaccess and place a php.ini file that sets the same directives

    Will it work if I do the above?

    OR alternatively

    Rent one more server for phpsuexec users.

  8. #8
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,737
    People seem to be going for suPHP over phpsuexec these days, if you're going to all the trouble of doing a changeover you might be better server by going for suPHP.

    suPHP - maintained, works better than phpsuexec

    phpsuexec - maintainer is no longer maintaining it, will go the way of the dinosaur soon ...


  9. #9
    Join Date
    Jun 2004
    Posts
    113
    i want to go all this trouble because I need to evfaluate and maybe purchase lpanel. Lpanel only supports phpsuexc at the moment.

  10. #10
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    you dont need phpsuexec to install lpanel. they recommend it but its not required.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  11. #11
    Join Date
    Jun 2004
    Posts
    113
    Originally posted by thelinuxguy
    you dont need phpsuexec to install lpanel. they recommend it but its not required.
    Are you sure about it?
    It is listed as a requirement in this page:
    http://www.lpanel.net/forums/viewtopic.php?t=994

    I can not make it work, and i assume it is the phpsexec.

  12. #12
    Join Date
    Nov 2003
    Posts
    518
    According to that post - it looks like they're just saying either suexec or phpsuexec is needed. But you must be running one of them.

    *shrugs*

  13. #13
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    Originally posted by misti
    Are you sure about it?
    It is listed as a requirement in this page:
    http://www.lpanel.net/forums/viewtopic.php?t=994

    I can not make it work, and i assume it is the phpsexec.
    On their check requirements script it says "Recommended" and below it it says phpsuexec
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  14. #14
    Join Date
    May 2001
    Location
    HK
    Posts
    3,082

    Smile

    IMO, it is better to have it~~ If there are files that have passwords in it, without suPHP / phpsuexec, then you have to make the file readable to the http user~! The problem is that anyone on the shared server can read your password files using their own scripts~ With suPHP, you can chmod 0600 the password file so that nobody can read it other than yourself~~~
    Last edited by YUPAPA; 11-14-2004 at 07:00 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •