Suphp has been installed on our servers; suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.
What are the differences from non suphp servers except that security setup is improved from no suphp servers:
Directories do not need to be 777 anymore, and php file (script) do not need 755 permissions. 644 is fine. (400 or 600 can also be used depending on your need and how sensitive your information is. Trying to run a script with 777 setting will result in a server error.
The following is important if you come from a host which does not use suphp and you made changes in your .htaccess files to adjust php variables:
php_flag or php_value can NOT be used in .htaccess files (this will result in Internal Server Error).You will be able to make your php changes in your own local php.ini script below you will see the way our system scans for a php.ini file;
- If a php.ini file resides in the directory of the script that file will be used.
- If suPHP_ConfigPath directive is set in the .htacess file, The php.ini in the directive will be used.
- None of the above, the server global php.ini file will be used.
If you need 1 php.ini for all your scripts in all directories the second option would make it easy, you only have to set the suPHP_ConfigPath directive in your .htaccess file in the public_html of your account. The directive it self can be outside of the public_html for additional safety.
Need help by implementing this for your site, or have questions about suphp please contact our helpdesk and we are more than glad to provide you the assistance needed. If you are a new customer and want your site to be tranfered we are more as glad to help you troubleshoot anything related to suphp.