I have a problem in the last apache upgrade (apache 2.2.8 + php5) step .
exactly in "Configure Suexec and PHP"
I found this option doesn't have multi values as CGI or Suphp just I found none :
PHP 5 Handler none
PHP 4 Handler none
I must to return to build apache1 with php4 for I can see suphp and cgi in "Configure Suexec and PHP" "PHP 4 Handler" option .
Do you have any idea for patch PHP suEXEC with "ln" command?
View 9 Replies View Relatedwhat fellow users here set --with-suexec-docroot in Apache
installations when cgi-bin folder is outside the public_html folder.
Looks like setting it to /home is the only way.
I installed lsws without apache conf file(httpd.conf). Then I created a new virtual host in "suEXEC" Template. I added a new user via SSH and made home dir for him and chowned his home dir + all his files to hisusername:hisusername. His home dir(/home/user/) is chmoded to 755 and his /public_html to 711. It worked fine but after that I installed phpbb3 forum and when I tried to chmod config.php to 600 I got an error on the forum:
Fatal error: require() [function.require]: Failed opening required './config.php' (include_path='.:/usr/local/lib/php') in /home/username/public_html/common.php on line 127
When I was using lsws with apache conf file and I had configured suEXEC + suPHP for apache I was able to chmod config file to 600 and it worked fine. I have no idea what could be the problem now.
It works fine when I chmod config.php to 755 but for security reasons I would need a way to configure it to 600.
LiteSpeed si running as nobody:nobody.
EX. APP settings:
LSAPI App
$VH_NAME_lsphp
uds://tmp/lshttpd/$VH_NAME_lsphp.sock
SCRIPT HANDLER settings:
Suffix: php5
Type: LiteSpeed API
Name: [VHost Level]: $VH_NAME_lsphp
what are suexec / suphp and for what purpose we use it.
View 1 Replies View RelatedIs there any which works with this turned on?
View 3 Replies View Related(what I did find was for old apache, not 2.2)
I have Fedora Core 5 wih Apache 2.2.2 and VirtualHosts setup, currently running mod_php and mod_suexec. I would like to switch to use php with suexec because I need to edit files with php that "nobody" doesn't have access to (777 not an option).
Right now mod_suexec works great with Perl, but not PHP. So I ask, how can I get them to play nice?
Can anyone tell me the difference between SuExec and PHPSuExec. I hear eaccelerator will not work with PHPSuExec but will it work with SuExec?
View 2 Replies View Relatedwhat is phpsuexec and suexec and how to stop them ?
View 1 Replies View RelatedI've been attempting to develope a server running apache 2+, php 5, and I was running into issues installing php as cgi.... All my scripts require The shebang:
#!/usr/bin/php at the top to execute properly. Anyone know a good site/how to that explains how to do this?
has anyone else here run suexec with apache? If so, could you tell me what you compiled it with? Just curious, as I think i'm doing everything right, yet I still fail
Can I have Apache suexec with cPanel?
View 5 Replies View RelatedI want to ask about suexec.
Currently I disable suexec in my dedicated server.
Which is better, to enable it or not?
What will happen to existing sites folder permissions if suexec is turned on?
my server is centos and cpanel,
i setup it with suphp and suEXEC,
and i set the register_globals as off on server,
now,i had a website need register_globals on,
i search many articles and try to edit php.ini and .htaccess,
but all still show
FATAL ERROR: register_globals is disabled in php.ini, please enable it!
or
500 internal error
could anyone teach me how to solve the issue?
is it good or not and why we should enable or disable it in cpanel server or other server?
View 11 Replies View RelatedI have just switched from mod_php to fastcgi + suexec, but now trying to use the ab command times out :
ab -n 10000 -c 100 [url]
This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
Copyright 1996 Adam Twiss, Zeus Technology Ltd, [url]
Copyright 2006 The Apache Software Foundation, [url]
Benchmarking www.example.com (be patient)
Completed 1000 requests
Completed 2000 requests
Completed 3000 requests
Completed 4000 requests
Completed 5000 requests
Completed 6000 requests
Completed 7000 requests
apr_poll: The timeout specified has expired (70007)
Total of 7422 requests completed
Then I get a bunch of emails from LFD ....
First uninstall your existing PHP.
Install httpd-devel
Second compile a new PHP with support of cgi/fcgi:
Code:
./configure --prefix=/usr/local/php-fcgi --enable-fastcgi --enable-memory-limit --with-mysql=shared,/usr --enable-discard-path --enable-force-cgi-redirect --with-imap=shared,/usr --with-gd=shared,/usr --with-libxml=shared,/usr --with-mbstring=shared --with-freetype-dir=/usr --with-jpeg-dir=/usr --with-png-dir=/usr --with-zlib-dir=/usr --with-kerberos --with-imap-ssl
make
make install
To solve the errors during configure problems take a look at this:
[url]
Next you'll need to download/install fcgid:
Code:
wget http://www.fastcgi.com/dist/fcgi-2.4.1-SNAP-0311112127.tar.gz
tar xfvz fcgi-2.4.1-SNAP-0311112127.tar.gz
cd fcgi-2.4.1-SNAP-0311112127
./configure
make
make install
Next you'll need to compile/install mod_fastcgi for Apache 2.2.2:
Code:
wget [url]
tar xfvz mod_fastcgi-SNAP-0404142202.tar.gz
cd fcgi-2.4.1-SNAP-0311112127
Now we need to apply a patch so mod_fastcgi compiles with Apache 2.2. Put the following into a file:
Code:
diff -ruN mod_fastcgi-2.4.2/Makefile.AP2 mod_fastcgi-2.4.2.for22/Makefile.AP2
--- mod_fastcgi-2.4.2/Makefile.AP2Mon Jul 29 03:36:34 2002
+++ mod_fastcgi-2.4.2.for22/Makefile.AP2Mon Dec 5 13:05:21 2005
@@ -20,8 +20,6 @@
all: local-shared-build
-install: install-modules
-
clean:
-rm -f *.o *.lo *.slo *.la
diff -ruN mod_fastcgi-2.4.2/fcgi_buf.c mod_fastcgi-2.4.2.for22/fcgi_buf.c
--- mod_fastcgi-2.4.2/fcgi_buf.cTue Feb 4 00:07:37 2003
+++ mod_fastcgi-2.4.2.for22/fcgi_buf.cMon Dec 5 12:59:01 2005
@@ -50,7 +50,7 @@
{
Buffer *buf;
- buf = (Buffer *)ap_pcalloc(p, sizeof(Buffer) + size);
+ buf = (Buffer *)apr_pcalloc(p, sizeof(Buffer) + size);
buf->size = size;
fcgi_buf_reset(buf);
return buf;
@@ -487,7 +487,7 @@
char *new_elts;
int new_nalloc = (arr->nalloc <0>nelts + n;
- new_elts = ap_pcalloc(arr->pool, arr->elt_size * new_nalloc);
+ new_elts = apr_pcalloc(arr->pool, arr->elt_size * new_nalloc);
memcpy(new_elts, arr->elts, arr->nelts * arr->elt_size);
arr->elts = new_elts;
diff -ruN mod_fastcgi-2.4.2/fcgi_config.c mod_fastcgi-2.4.2.for22/fcgi_config.c
--- mod_fastcgi-2.4.2/fcgi_config.cThu Oct 30 02:08:34 2003
+++ mod_fastcgi-2.4.2.for22/fcgi_config.cMon Dec 5 12:59:01 2005
@@ -50,7 +50,7 @@
/* Convert port number */
tmp = (u_short) strtol(portStr, &cvptr, 10);
if (*cvptr != '' || tmp <1> USHRT_MAX)
- return ap_pstrcat(p, "bad port number "", portStr, """, NULL);
+ return apr_pstrcat(p, "bad port number "", portStr, """, NULL);
*port = (unsigned short) tmp;
@@ -75,11 +75,11 @@
tmp = strtol(txt, &ptr, 10);
if (*ptr != '') {
- return ap_pstrcat(p, """, txt, "" must be a positive integer", NULL);
+ return apr_pstrcat(p, """, txt, "" must be a positive integer", NULL);
}
if (tmp <min> USHRT_MAX) {
- return ap_psprintf(p, ""%u" must be >= %u and <u>= %u and <u cp=''>= %d", *num, min);
+ return apr_psprintf(p, ""%d" must be >= %d", *num, min);
}
return NULL;
@@ -126,9 +126,9 @@
*num = (u_int)strtol(val, &ptr, 10);
if (*ptr != '')
- return ap_pstrcat(p, """, val, "" must be a positive integer", NULL);
+ return apr_pstrcat(p, """, val, "" must be a positive integer", NULL);
else if (*num < min)
- return ap_psprintf(p, ""%u" must be >= %u", *num, min);
+ return apr_psprintf(p, ""%u" must be >= %u", *num, min);
return NULL;
}
@@ -147,9 +147,9 @@
*num = (float) strtod(val, &ptr);
if (*ptr != '')
- return ap_pstrcat(p, """, val, "" is not a floating point number", NULL);
+ return apr_pstrcat(p, """, val, "" is not a floating point number", NULL);
if (*num <min> max)
- return ap_psprintf(p, ""%f" is not between %f and %f", *num, min, max);
+ return apr_psprintf(p, ""%f" is not between %f and %f", *num, min, max);
return NULL;
when i remove php suexec support, while i entering sites it save php files. how can solve this problem
Server info;
WHM 10.8.0 cPanel 10.9.0-R10737
CentOS 4.4 x86_64 - WHM X v3.1.0
i install roundcube webmail (php)
i want to add an alias like /mail for all domain to /usr/src/roundcube
i add this command in httpd.conf:
Quote:
Alias /mail /usr/src/webmail
but because suphp installed , apache run it under root user (or user assigned to it) and suphp produce "500 Internal server Error"
i am trying to setup a VPS with:
Apache Suexec, so that each VHosts runs under there own username
FTP for each of the vhosts.
I have made a username aplushost and FTP works fine when i login, however when i try and get Suexec to work it shows a 403 permision dined, even know the whole directroy path is with correct permsions.
"/home/aplushost/www"
However if i chown the directroy "aplushost" to apaches username , currently "nobody" i have tried with "apache" and many others the page is displayed correctly.
The weird thing is that the www directroy can still be set to the aplushost username and files work inside.
However due to changing the privalages of the folder aplushost ftp now fails to login due to the folder not being owned by the ftp user "aplushost".
So im stuck between only having one item working at a time.
i have put some content of my config files.
----------httpd.conf vhosts------------------
<VirtualHost 87.117.196.247>
DocumentRoot "/home/aplushost/www"
ServerName aplushost.co.uk
SuexecUserGroup aplushost aplushost
<Directory "/home/aplushost/www">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
---------------passwd file----------------
aplushost:x:500:99::/home/aplushost/www:/sbin/nologin
(Have tried with many different shells, no difference, also tried with home directroy as just /home/aplushost)
I am having trouble with blank pages on some web applications; ccHost and phpBB3.
I can get these to run on a seperate VPS, that isn't as securely locked down and the dedi --- but it is of course the dedi I want to run these apps from.
I simply get blank pages when trying to access ccHost. As if PHP isn't parsing it. But in a phpBB3 installation I'm getting random blanks, some of which I can refresh out of ... What's even weirder: sometimes when I try to viewtopic - or call some function ... I get the download dialogue!? (Do you want to open or download index.php for instance).
I've been trying loads of stuff. It seems that mod_security isn't running anymore, so that isn't the issue. Could mod_cgi or mod_suexec perhaps be the cheeky offenders? I have absolutely no idea.
Just hoping someone can help me where to look... Or how I can debug this issue. I'm at a loss in how to continue. Any help will be very appreciated.
Some details... The server is hardened and secured, but...
I'm running other CMS installs on the server, and they are working fine. Even a phpBB2 install is running smooth. Besides this I'm using LAMP setup on CentOS and webmin is running.
I am running on;
Plesk versionpsa v8.0.1_build80060613.20 os_CentOS 4.2
Operating systemLinux 2.6.9-023stab033.6-smp
License key numberPLSK.00170782.0006
I need to be able to access cgi between vhost domains. In particular one frequently updated file located 'centrally' in the cgi-bin of one of the vhost domain.
I would like to be able to have other vhost domains be able to access this file but suexec won't let that happen. I have searched around and tried to following;
Created vhost.conf file in the conf directory of one of the domains.
The vhost.conf file contained (with no #):
# <IfModule mod_suexec.c>
# SuexecUserGroup userid psacln
# </IfModule>
I ran;
/usr/local/psa/admin/bin/websrvmng -u --vhost-name=<domain name>
Then reboot.
The result was all the vhosts stopped working. I reset the websvrmng, things returned to normal.
Then I tried updating the httpd.include file adding (with no #);
# <IfModule mod_suexec.c>
# SuexecUserGroup userid psacln
# </IfModule>
Then reboot.
The result was the same, all vhosts stopped working.
Does anyone have an idea how I can achieve this? I know I can disable suexec all together but that wreaked a little havoc with the cgi app when I tried that.
i got mod suexec / phpsuexec installed on the server recently. if i click on view cpu/memory/mysql usage in WHM i can see this in the first row:
<username><domain>3.170.110.1
Top Process%CPU 145/usr/bin/php
Top Process%CPU 100/usr/bin/php
Top Process%CPU 81.7/usr/bin/php
now this info is pretty useless. ok, php is evidently bursting to pretty damned high cpu levels. BUT, what are the actual FILES causing this load?
We have updated our Plesk 10.4.4 to 12.0.18. We want to use PHP with FastCGI (Apache) and get always the following suexec - error:
command cgi_wrapper not in docroot (10004)
We use CentOS 6.4
I need to change the server configuration on Plesk such that the SuexecUserGroup directive is removed, so the user's cgi scripts run as the apache user (www-data), rather than as the user specified in that directive (the domain user), as on an unshared (non-VPS) server. I don't care about security from other domains because only one domain runs on it anyway, so making the user domain-specific is irrelevant from a security point of view and stops some of the user's code working.
This directive is found in
/var/www/vhosts/domainname.com/conf/httpd.include
and is:
SuexecUserGroup user psacln
(this line appears twice, for ports 443 and 80)
I understand that this file can't be modified, as it may be overwritten by Plesk. Therefore additional directives must go in the vhost.conf file.
Will the following vhost.conf file do the trick and override the directives in httpd.include?
<VirtualHost domainIP:443>
SuexecUserGroup www-data www-data
</VirtualHost>
<VirtualHost domainIP:80>
SuexecUserGroup www-data www-data
</VirtualHost>
Why this error might have started to appear? I am fairly new to apache and was trying to harden it up.
I am use CentOS:
Server version: Apache/2.2.25 (Unix)
Server built: Oct 7 2013 17:21:18
Cpanel::Easy::Apache v3.22.14 rev9999
I was trying to add a group to control access to specific groups to enforce some security:
chown -R root:root /usr/local/apache/bin
chmod -R 770 /usr/local/apache/bin
chown -R root:root /usr/local/apache/conf
chmod -R 770 /usr/local/apache/conf
groupadd apacheadmin
groupadd apache
useradd -d /usr/local/apache/htdocs -g apache -s /bin/false apache
I think this is a permission issue.
some of my sites works good and some didn't work!
i check my site on checkdns.com and its show me this Error Report
CheckDNS.NET is verifying if NS are alive[url] NS list mismatch: registration authority reports that domain is hosted on the following servers: 'ns.sitename.com; ns1.sitename.com', but DNS server ns.sitename.com reports domain to be hosted on 'ns.sitename.com'. Please make sure that you configure the same DNS servers in registrar database and on your DNS
i saw the
PHP Code:
[root@secure ]# cat /etc/resolv.confnameserver xxx.xxx.xx.xxxnameserver xxx.xxx.xx.xxxnameserver xxx.xxx.xx.xxx[root@secure ]#
i have 2 ip just
I have a question on how to set up (clone) two nameservers.
I have two VPS' with two IPs that are totaly independent of each other. Both running ispCP with Apache2, mail, ftp, mysql, AND bind9 as DNS managment.
So. I want these two server to be as independent as they are, BUT they should share NameServers with each other.
Something like this:
host1:
ns1.domain.com = host1
ns2.domain.com = host2
host2:
ns1.domain.com = host1 (or host2?? = inverted)
ns2.domain.com = host2 (or host1?? = inverted)
A lot of domains are running more then one NameServer, but I could not find any tutorial on how to "clone" the NS from one to an other. Is it enough to just add some kind of "transfer to IP setting" in bind, or do I have to have scripts that download settings and files from one server to an other regularly?
On my server I'd like to keep sites as fast as possible and not drain too much on the server. I don't have many users, but I'd like to get it right the first time. What's the best DB engine to use? What about other settings? I'm not sure I should run caching yet, I'm not under much load.
The server is running on Windows.
how come I can't route all traffic through openvpn.
1. I was able to ping my client and server ip no problem. So the tunnel connection is fine.
The problem is i can't route internet traffic through openvpn.
I was able to ping from tun0 interface after i add below command
iptables -t nat -A PREROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
root@host188 [/etc/openvpn/config]# ping -I tun0 4.2.2.2
PING 4.2.2.2 (4.2.2.2) from 10.8.0.1 tun0: 56(84) bytes of data.
64 bytes from 4.2.2.2: icmp_seq=1 ttl=55 time=8.94 ms
64 bytes from 4.2.2.2: icmp_seq=2 ttl=55 time=8.65 ms
64 bytes from 4.2.2.2: icmp_seq=3 ttl=55 time=8.90 ms
However, my client can't ping 4.2.2.2 from vpn tunnel and I use tcpdump I saw the traffic coming.
downloaded WAMP5_1.7.0. Prior to downloading I was freaking out wondering if I was going to screw up my computer with software conflicts, but I pressed on. I read the Apache information regarding IIS / Apache conflicts. The tutiorial told me to check the services installed on my computer. The tutorial told me to look for a service titled "World Wide Publishing" The service (WWP) did not exist so I proceeded to the WAMP installation wizard. I installed it. Apache does not display in the services window. As if it does not exist. Apache will not fire up. From what I got from the instructions at Apache, it seems there are alot of modifications I can perform to setup Apache correctly. The long and short of it is I connot see my see what my HTML/PHP code is spitting out because Apache never fires up. Can anyone give me some pointers on setting WAMP up in plain ENGISH? Just a note, when I float my mouse over the Apache icon, a little mouse over windows comes up saying "one of two servers running". Is ISS enabled on my computer? I'm frustrated. Any help regarding this matter is worth a beer (or 12).
View 0 Replies View RelatedI purshased a web hosting and I uploaded just one folder to it with my email contact form. The fact is that Google is already listing my site but it is showing the full content of my HTML public folder! Everyone could search my site like an FTP! I don't really want that. How can I avoid that? I just want web browsers to show my web pages, not the folders neither my HTML public folder with all my files: scripts, photos, etc.
Google is showing all this:
Index of /[DIR] Parent Directory 15-Jan-2007 07:58 - [DIR] cgi-bin/ 15-Jan-2007 02:37 -. Apache/1.3.37
Maybe the solution is too easy but for me it is a nightmare right now.
