Ok, I have been looking for some help, and cannot find help anywhere.
Is anyone knowledgable with PHPSuexec?
I have been able to figure out a problem though, but I will say what that is anyways.
I am currently on a VPS server. I recently upgraded from a shared hosting to VPS servers. I had my host uninstall all versions of php4, and install the latest stable version of php5, and asked them to compile it with Suexec. They installed 5.1.6. Now, due to PHPsuExec being enabled, users cannot use .htaccess to change php directives. Instead, they are to create php.ini files to change those directives, and place it in their directory.
But when I tried doing this, it would not work. Fortunately, so far, I found that there was an issue with php 5.1.6 and not being able to parse local php.ini files?
So the fix was to upgrade to php 5.2 (last comment in that bug page?), or to revert back to an older version (host downgraded to php5.0.5)
So that issue is fixed. I reverted back to php 5.0.5, unless you guys think 5.2 is a big enough upgrade?
Now, another issue. It looks like, I would have to create php.ini files in all my directories in order for the php directives to be set. It is not like .htaccess where you put it in a parent folder, and it would populate through the rest of its subfolders. Is there a fix for this?
Consider this situation. I am on a VPS server, and the only sites on the VPS will be me, and a couple friends.
Do you think their is a need for phpsuExec? (I first heard of phpsuexec 2 weeks ago, and was reading into it). But the more I read into it, the more I think that I probably don't need it. It seems, that if you are not running under Fast-CGI, then it will be slower. And the benefits of phpsuExec is mainly for shared hosting, where you are on a server shared by many many other users, so security in that only you will be accessing the files, and that if you have a script running that is hogging all the resources, that you will be able to pinpoint it and take care of it.
But since it will be mainly me and a couple other friends, I am starting to feel that this is unnecessary. Would you guys agree?
The location of php.ini can be specified with PHPRC, and you don't have to put it in every directory.
Usually, require you need to use either wrapper to overcome cleaning of env variables done by SuExec, or easy small patch to SuExec.
Or you can put small patch in the PHP, so that it would use HTTP_PHPRC instead of PHPRC.
This way, it will survive the env cleaning of SuExec.
You should be able to find these methods by searching.
I showed how to do that in site5 forum in the past, so you can check there, too.
Also, PHP will look for php.ini in certain directories other than the document root.
(At least PHP4 on FreeBSD was checking several directorires.)
You can use ktrace or strace or whatever the tracing command to see that.
These thnigs are well known to many of hosts/tech people with a bit of experiences..
Running PHP via CGI (including SuExeced CGI) will make it slower and less efficient.
But using mod_php will make apache process fatter.
If you are serving lots of static files and tiny percentage of PHP contents, php-cgi may be better.
Still, it doesn't have to be SuExeced.
Well, probably mod_php will be easier and better for you if you don't have to worry about the security, including the case of cracked account.
Imagine the account or script of your friends getting cracked.
Without some protection, it would be too easy to wipeout all web contents, and maybe more.
SuExec may prevent that, or delay it a little.
And if you really want security or efficiency, it's better to stay away from PHP, IMO.