i'm currently running cpanel on a server with phpsuexec, but am planning to move things. I read somewhere that development of phpsuexec stopped, but that cpanel will fix bugs if needed. I also read something about suphp but that doesn't seem like an active project to.
I'm hosting just a few sites on the server for friends and family, and manage most of them myself. I know phpsuexec adds an extra security layer to the server, and i haven't had any problems with it. But it also disables the use of php accellerators.
This server move looks like a nice moment to me to reevaluate.
What would you do : run phpsuexec, suphp or neither on the new server ? And more importantly why ?
We are running suPHP which works really nicely. We host a few sites written very badly (running unsafe scripts that caused problems before) and running PHP as CGI with suPHP really fixed those security issues for good. This setup also got us rid of that 'nobody' user as we had before on old cPanel-presetup box.
We have been using Phpsuexec for a while and it works fine. There's not really any bugs so far and Cpanel still continue to roll it into their apache builds. So installation is fine.
Typically for new servers, we like to start tight and if necessary, relax it. i.e. we will put phpsuexec, restrict some of the functions, etc. As needed, and based on circumstances, we may relax it bit by bit.