Under PHPSuexec your directories and PHP files can have permissions no greater than 755 (read/write/execute by your username, read/execute by group/world). Since you own your files, your scripts can function in any directory your user has created and can’t be manipulated by any outside users, including “nobody”.

Now, when a PHP file creates or uploads a new file under your account, the new file will be owned by your username. You will no longer have to worry about the webserver taking over your files and even more important, you will no longer have to worry about a stranger reading or writing to your files either!

.htaccess

When PHP runs as an Apache module you are able to manipulate PHP using .htaccess – since .htaccess is an Apache feature. When PHP runs as a CGI, you can no longer do this because Apache no longer understand the PHP flags and values. Instead, when PHP runs as a CGI, you will need to create your own PHP initialization file, this file is called php.ini — php.ini works almost the same as .htaccess — it is simply a text file with directives that will be used instead of the servers default directives.

To give you a better understanding about how both work in regards to PHP, we have listed a .htaccess file and a php.ini file below.

.htaccess
php_value magic_quotes_gpc on
php.ini
magic_quotes_gpc = on

There is one main difference to the use of .htaccess vs php.ini — a .htaccess file can be placed at the root directory and effect all subdirectories with just 1 file, php.ini does not work this way. A php.ini file needs to be placed in every directory and subdirectory that requires the altered directives. This is a downfall for using PHPSuexec, however we hope that in the future PHP can be written to handle the php.ini file in a more workable fashion.

Last but not least, there is a directive used in .htaccess that needs to be altered in order to work under PHPSuexec. The directive ForceType needs to be changed to SetHandler. For example:

PHP as an Apache Module .htaccess Style
ForceType application/x-httpd-php

PHP as a CGI with Suexec .htaccess Style
SetHandler application/x-httpd-php

The post PHP as a CGI with Suexec appeared first on Hivelocity Hosting.

It creates a more secure environment as compared to running PHP as an Apache module.

The post Tell me something about phpsuexec appeared first on Hivelocity Hosting.

SuExec is an Apache feature that gives users the ability to run CGI and SSI programs using user IDs that are different from the user ID of the calling web server. This effectively means that CGI and SSI programs will not have access to the root account or have root permissions. Since lots of CGI scripts are used to send mail, it will be easier to see who is sending mail on your server as well.

Steps

1 To access the Service Configuration Menu, click on Service Configuration Setup, on the main screen of your WebHost Manager interface.

2 Click on Enable/Disable SuExec.

3 Click on Enable to enable SuExec or click on Disable to disable SuExec.

The post Enable/Disable SuExec appeared first on Hivelocity Hosting.

Fix cgi scripts that are returning a 500 error because of permissions : /scripts/fixsuexeccgiscripts This reads /usr/local/apache/logs/suexec_log and looks for errors and tries to fix them, though if you still get errors, tail that log file and see what the error is.

The post Fix Suexec breaking cgi scripts issue appeared first on Hivelocity Hosting.