Archive for the ‘PHP Hosting’ Category
Sunday, May 24th, 2009
The earlier version was PHPsuExec but that is quickly being replaced by suPHP and the two do basically the same thing.
suPHP provides an additional layer of protection on servers. It causes php scripts to run under the account username instead of the user ‘nobody’ which is the user that apache/php would run under on a server that is not running suPHP. This feature allows us to more easily track any potential security breaches that come in via insecure php script(s) that a user is running.
suPHP also does away with the requirement of using 777 permissions on directories/files that need write permission. In fact if a directory and/or file has the permission set to (CHMOD) 777 and it is access via a browser, then an internal server error 500 will be generated. The highest level of permissions that a user can use on a suPHP enabled server is 755. This permission setting is sufficient enough for any directories/files that needs to be written to.
The benefit of using suPHP besides better security, is that it will make any PHP applications (most often CMS systems) such as Mambo more user friendly. Case in point: If you upload/install anything via Mambo such as a template on a non-suphp server, then those template files will be owned by ‘nobody’ and you will not be able to edit them manually or even delete them from your account. This ownership issue is done away with suPHP. On a suPHP enabled server, those same template files will be owned by the account username and the account holder will be able to manipulate those files as he sees fit.
No longer do you need to use (chmod) the dangerous file permission of 666 or the folder permission of 777 to make things writable.
The correct permissions should be:
- Writable Folders: 755
- Writable Files: 644
- Files that need to be un-writable: 444
Tags: suPHP
Filed under Linux Web Hosting, PHP Hosting, Server Security, Website Development | No Comments »
Friday, May 22nd, 2009
By default, SourceGuardian is not installed on any of our web hosting packages. However, that does not mean that you are not able to host any scripts that are encoded with SourceGuardian!
SourceGuardian does tell you to upload there encoders to the scripts folder and it will load the files as long the php function dl() is enabled as part of the installation. And unfortunately we have to dissapoint you once again, dl() is disabled for security reasons on all web hosting packages.
Below we will explain you how to get the scripts to run properly, this is possible since we run suPHP.
First you need to create a new .htaccess file in your public_html folder if you haven’t done already. Otherwise you need to edit your current .htaccess file.
In your .htaccess file under your public_html folder, add the following:
suPHP_ConfigPath /home/user/public_html
<Files php.ini>
order allow,deny
deny from all
</Files>
Note: Make sure to change the user text above to your account user name.
Then create a php.ini file under your public_html folder and add the following (or edit the current file if you have a php.ini file):
extension_dir=/home/user/public_html/extensions
[Zend]
zend_extension=/usr/local/ioncube/ioncube_loader_lin_5.2.so
zend_optimizer.optimization_level=15
zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-3.3.3
zend_extension_manager.optimizer_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.3
zend_extension=/usr/local/Zend/lib/ZendExtensionManager.so
zend_extension_ts=/usr/local/Zend/lib/ZendExtensionManager_TS.so
extension=/home/user/public_html/extensions/ixed.5.2.lin
Note: Make sure to change the user text above to your account user name.
Zend Optimizer and IonCube loaders are added as well so you won’t drop the support for them with your new php.ini file.
Now create a new folder called "extensions" in your public_html folder and download the required loader at http://www.sourceguardian.com/ixeds/ixed4.lin.x86-64.zip
Then extract the zip file and upload the file "ixed.5.2.lin" to your created folder "extensions"
You may choose another folder to upload the SourceGuardian loader to but remember to have the folder name reflect the one you typed within your php.ini file.
Full details about SourceGuardian can be found at there website, located here:
http://www.sourceguardian.com
Congratulations, you have just installed SourceGuardian in your web hosting account and your script should now run properly!
Tags: htaccess, suPHP
Filed under Linux Web Hosting, PHP Hosting, Server Security, Web Hosting Services | No Comments »
Monday, May 18th, 2009
In your .htaccess file under your public_html folder, add the following:
suPHP_ConfigPath /home/user/public_html
<Files php.ini>
order allow,deny
deny from all
</Files>
Note: Make sure to change the user text above to your account username.
Then create a php.ini file under your public_html folder and add any of the following that are needed:
upload_max_filesize = 12M
post_max_size = 16M
memory_limit = 32M
max_execution_time = 60
upload_tmp_dir = /tmp
Information below will not work at DS-Hosting Solutions, use the above method instead because we are running suPHP.
For servers running normal PHP you can increase the PHP max upload size for your account by adding the following to your .htaccess file:
php_value upload_max_filesize "12M"
php_value post_max_size "16M"
php_value max_input_time "60"
Tags: htaccess, suPHP
Filed under PHP Hosting | No Comments »
Monday, May 18th, 2009
If you are receiving the error 500 it will be due to one of the following issues:
Check your .htaccess file for php_ commands. If you have any, add a # in front of the line or delete them. Then test your webpage. If you still have the error try removing everything from your .htaccess file. If that resolves the issue add the .htaccess lines back one at time until you find the bad line.
If these steps do not resolve your issue try the next steps.
- File and folder permissions
Check your files and folders to make sure you don’t have any files with the permission 666 or folders with the permission 777.
Those permissions are not needed onĀ our servers. We run suPHP which allows you to make files writable without creating the major security hole that occurs when using the permissions 666 and 777.
The correct permissions should be:
Folders: 755
Files: 644
Files that need to be unwritable: 444
If you added a MiME-Type to the system in order to run html files as php scripts, you will have to remove it and add an ApacheHandler instead.
Log into cPanel, then click on Apache Handlers and add the following:
Handler: application/x-httpd-php
Extension(s): .html
Tags: htaccess, suPHP
Filed under PHP Hosting, Server Security, Website Development | No Comments »
