Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
cpanel:enable-suphp [2010-05-20 17:32:32]
garrett.plasky 		cpanel:enable-suphp [2012-10-24 00:18:47]
shaun.reitan
Line 6: Line 6:
   * Slightly more secure: Set directory permissions to 0770 and the owner to user:nobody. More secure, but still allows any script run under the webserver to write to this directory.   * Slightly more secure: Set directory permissions to 0770 and the owner to user:nobody. More secure, but still allows any script run under the webserver to write to this directory.
  
-What SuPHP allows is for the directory to remain owned by user:usergroup and tight 0750 permissions (or even 0700). Furthermore, files create through PHP (or uploaded through it) will be owned by the effective user instead of nobody as they otherwise would be. This allows users to manage/delete/rename/etc. these files themselves as a normal cPanel-level user as opposed to requiring root access.+What SuPHP allows is for the directory to remain owned by user:usergroup and tight 0750 permissions (or even 0700). Furthermore, files created through PHP (uploaded files as well) will be owned by the effective user instead of nobody as they otherwise would be. This allows users to manage/delete/rename these files themselves as a normal cPanel-level user as opposed to requiring root access, or needing a server admin to change the ownership for them.
  
 Sound good? If so, let's get started! Sound good? If so, let's get started!
Line 20: Line 20:
 Apache and PHP will now rebuild automatically for you, and you will not have any service downtime while this transpires. This build typically takes anywhere from 20-30 minutes to complete. Apache and PHP will now rebuild automatically for you, and you will not have any service downtime while this transpires. This build typically takes anywhere from 20-30 minutes to complete.
  
-==== Enabling SuPHP as the Default Loader ====+==== Enabling SuPHP as the Default Handler ====
  
   - In the WHM, go to //Main >> Service Configuration >> Apache Configuration >> PHP and SuExec Configuration//, and for your specific version of PHP, select 'suphp' as the default handler from the dropdown list. Click **Save New Configuration** and you're done!   - In the WHM, go to //Main >> Service Configuration >> Apache Configuration >> PHP and SuExec Configuration//, and for your specific version of PHP, select 'suphp' as the default handler from the dropdown list. Click **Save New Configuration** and you're done!
  
 This setting is not retroactive for any files/directories with incorrect nobody ownerships, so you'll need to log into the server as root and fix those manually. Also while you're in there you can tighten down directory permissions as described above! This setting is not retroactive for any files/directories with incorrect nobody ownerships, so you'll need to log into the server as root and fix those manually. Also while you're in there you can tighten down directory permissions as described above!
 +
 +==== Converting to suPHP Tips and Tricks ====
 +
 +=== Fixing Permissions on files and folders ===
 +
 +When converting to suPHP one of the common problems admins see is customer websites showing "internal server errors" Many times this is caused by incorrect permissions being set on the files and directories.  The below code will help correct these permission problems by setting PHP files to 0600, directories to 0711, and files/directories to the proper user.group.
 +
 +<code console>
 +/scripts/chownpublichtmls
 +cd /var/cpanel/users/
 +for i in *; find ./ -iname "*.php" -exec chmod -v 600 {} \;; find ./ -type d -exec chmod -v 711 {} \;;done
 +</code>
  
 {{tag>how-to php suphp}} {{tag>how-to php suphp}}