* does necessary install suPHP on your server ?
It is not necessary to install SuPHP on the server, but it is considered to be a good thing to do.
* what does suPHP do exactly and if i install it on your server there is not any conflict for my users script?
It runs all PHP scripts as the user in whose account they reside – rather than running all scripts as user nobody. It also prevents scripts that have insecure permissions from running.
Most PHP scripts will run well within a SuPHP environment. However, some older not well-maintained scripts that rely on insecure permissions may experience issues in a SuPHP environment.
* how to install suPHP via WHM “if you have WHM installed in your server”?
It’s easy. Simply go to the WHM interface and in the Software section click Apache Update. Proceed through the build process until step 5, then select the checkbox for Mod SuPHP. Proceed to compile Apache via the WHM interface. When done, you will be prompted regarding how you wish to have PHP run – select SuPHP.
If you do not see this prompt, you can set this in WHM -> Service Configuration -> Configure PHP and SuExec. Note, in 11.24, this has been moved to WHM -> Service Configuration -> Apache Configuration -> PHP and SuExec Configuration.
* Differences between suPHP and “regular php”:
Regular PHP installation on a web server runs as the user nobody and it doesn’t require the execute flag to be enabled. The problem with regular PHP installation is that if mod_openbasedir is not installed, every user on the server will be able to read your php files because practically everyone shares the same username (nobody).
PHP Files are not meant to be read, but parsed, otherwise everyone who is able to read your php file will able to view settings that you would want to keep private, such as your MySQL username and password.
suPHP fixes this issue because it requires PHP scripts to be executed with the permissions of their owners. suPHP also fixes common file ownership issues that mostly occur with few Content Management Systems such as Joomla and also on the popular blog software: WordPress.
* Can I use the php_value directives in .htaccess files with suPHP?
suPHP does not support the php_value/php_admin_value directive known by mod_php to parse configuration options to scripts for certain virtual hosts or directories. All the php_flags in your .htaccess will have to be moved to php.ini, which you will have to create in your public_html directory.
* Example:
.htaccess php_flag register_globals on
php.ini register_globals=on
You will have to move every command on .htaccess that starts with php_flag.
Sponsored Links:
* Troubleshooting Internal Server Errors (Error 500):
Whenever an internal server error occurs, the error will be added to the Error Log in cPanel. (cPanel Error Log). This will help you pin point the error. In most cases it will either be a permission error on a bad command in your .htaccess file (remember that all php values have to go to your php.ini file).
Directories that require writable permissions will no longer require 777 as permissions and suPHP will refuse to write or read on directories exposed with such permissions, make sure you chmod them to 755
Basically suPHP will refuse to serve any pages that are at security risk, for example with 777 as permissions. (will generate an Internal Server Error)
* All servers having SuPHP installed for added security
* The main features of SuPHP that you should be aware of is:
1. SuPHP does not allow files/folders to run where they have group and world write permissions; only the account owner can write to files/folders. This forces all users to ensure that their files/folders have correct permissions and prevents hackers uploading malicious content into vulnerable folders.
2. SuPHP allows all PHP scripts to be run under the user account ownership, instead of running under the “nobody” user. This is particurly helpful in tracking down scripts which send out SPAM as the “nobody” user.
Most user accounts will not notice any difference. However a number of user accounts will have some problems/errors which can be easily resolved using this command in terminal “if you dont have root access try to ask your System Administrator”
for files:
find . -name *.php -type f -exec chmod 644 {} \;
or
find . -type f -exec chmod 644 {} \;
and
for folders:
find . -type d -exec chmod 755 {} \;
==================================================================
What is suPHP?
My Blog List
-
What Is Alma Linux? A Free and Open-Source Enterprise Grade OS - The release of AlmaLinux created quite a buzz in the Linux community back in February of 2021. The distro is a forever-free alternative to Red Hat Enterp...15 hours ago
-
How to configure AWS SES with Postfix MTA on Debian Linux - [image: See all Amazon AWS web services related articles/faq] AWS SES (Amazon Simple Email Service) is a cloud-based email-sending service that is both rel...6 days ago
-
PaloAlto init-cfg.txt Bootstrap Config file Layout with Examples - When you install and configure the PaloAlto firewall, when the firewall boots up for the first time, it does the bootstrapping process. PaloAlto uses the s...1 year ago
-
Clusterssh – Administer multiple ssh or rsh shells simultaneously - Sponsored Link The command opens an administration console and an xterm to all specified hosts. Any text typed into the administration console is replicate...3 years ago
-
Web Application Vulnerability Scanning Tools - Web Application Vulnerability Scanning Tools Nessus http://www.tenable.com/products/nessus PortSwigger https://portswigger.net/ qualys https://www.qualys....5 years ago
-
What You Don’t Know About Linux Open Source Could Be Costing to More Than You Think - Guest post by Marc Fisher If you would like to test out Linux before completely switching it as your everyday driver, there are a number of means by which ...6 years ago
-
Resolving Sysprep problems with App-X packages (Part 1) - This is the first of two articles explaining how to fix systems that won't Sysprep if Windows Native/App-X applications have been removed and Windows patches.6 years ago
-
V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...6 years ago
-
10 UNIX / Linuz Size Command Examples for ObjectFiles - Linux size is part of GNU binutils. This utility is very helpful for programmers to analyze the data from the executable files (or object files). By defaul...9 years ago
-
Updating VMware Tools on Red Hat Enterprise/Scientific/CentOS Linux 6 for VMware ESXi 5 - In a previous post I discussed installing the open source VMware tools for Red Hat Enterprise/Scientific/CentOS Linux 6 from a yum package repository provi...12 years ago
