Files uploaded with php scripts are owned by apache - how to install suPhp


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » CustomBuild

Files uploaded with php scripts are owned by apache - how to install suPhpLast Modified: Jun 17, 2012, 1:44 pm
When php is in it's default state "CLI", php scripts run as the apache user.
If any files are uploaded or created with php, then the files will be saved as the apache user.

If you'd like to have php run as the system user instead of "apache", then you'd need to install suPhp.

suPhp is an option that can be set when installing the custombuild script:
http://files.directadmin.com/services/custombuild/1.1

To do so, type, after the "./build update_data" command, use this:

./build set php5_cgi yes
./build set php5_cli no
./build all d
./build rewrite_confs


Note that all logs for suPhp are stored in:
/var/log/suphp.log

If you get any "Internal Server Error" messages, check the suphp.log to see why.
Usually, things like writeable by "all" or "group" ... or having the incorrect ownership of the file would cause this.
Note that directories cannot be set to 777 with suPhp.  755 is usually the max permissions for directories (you don't need 777 with suphp since php writes as the User).
Files should be no more than 644, but php files can be 600 since they're read in by the User (security benefit with suPhp).
All files/folders must be chowned to the user, and not to apache.

Important: Note that the safe_mode and open_basedir settings in Admin Level -> Php Safemode Config only apply to php CLI, not suPhp.
If you want open_basedir and safe_mode, use this guide to enable a per-user php.ini file.

You may need to rewrite the webapps php scripts to reset the ownerships if you get internal server errors with them, eg:

./build roundcube
./build squirrelmail
./build phpmyadmin

 
Related Helpfiles
Resetting permissions and ownership on all DA related system files.
Allow php scripts to work under ~username when using suPhp (custombuild)
Setup a per-user php.ini to allow open_basedir with suPhp
Basic system security
How to prevent Users from seeing in each other's public_html folders
Using both php4 and php5 at the same time with custombuild
Where is my php.ini?
Testing which uid php is running as to debug read/write issues

2003 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST