Wednesday, February 3, 2010

SuPHP Permission Issue

SkyHi @ Wednesday, February 03, 2010
suPHP enhances overall server security. When migrating from a server that is not running suphp to a server running these, permission and ownership issues occur . When you access your domain you usually see
s1
Tail the Apache error logs to see what the error is
# tail -f /usr/local/apache/logs/error_logs
You can see the error
[Thu Jul 12 09:00:09 2007] [error] [client XXX.XXX.X.X] SoftException in Application.cpp:601: Directory “/home/user/public_html/test.php” is writable by group .
[Thu Jul 12 09:00:11 2007] [error] [client XXX.XXX.X.X] Premature end of script headers:
The script fail if the php file or folder is writable for anyone other that the owner. Check the permission and ownership .
# cd /home/user/public_html/
# ll | grep test.php
-rwxrwxrwx 1 nobody nobody 158 2008-05-13 04:32 test.php
That shows test.php has full permission and is not owned by the user . Change the permission and ownership.
# chmod 644 test.php
# chown user.user test.php
If it is a server wide issue , then its difficult to change it for each user . Here is a script (for cpanel servers) that fixes all the files and folder permissions that occurs when server changes to suphp.

1) Save the script to a file .
# vi /root/suphpfix.sh
#!/bin/bash
     for user in `ls /var/cpanel/users`; do
     chown ${user}:${user} /home/${user}/public_html
     chmod 755 /home/${user}/public_html
     find /home/${user}/public_html -group nobody -print0 | xargs -0 chgrp ${user}
     find /home/${user}/public_html -type f -print0 | xargs -0 chmod 644
     find /home/${user}/public_html -type d -print0 | xargs -0 chmod 755
     done
2) Make the script executable.
# chmod u+x /root/suphpfix.sh
3) Execute the script
# bash /root/suphpfix.sh
Done!!