Hosting with suPHP support

ringo747 · 7 Apr 2009 at 17:14

Hi, recently I was experiencing some problems with some cached files on my hosting being assigned to user 99 which meant I couldn't delete the folders/files.

My account was moved to a new server running suPHP. I just wanted to check what differences to expect and what people's recommendations are either way. Is it better having suPHP enabled to make sure I own all the files rather than other user 99s?

I discovered I had to use php.ini files to set php include paths etc but could still use htaccess as normal after adding the php version handler.

I wanted to find out a bit more about security on both environments and the pros and cons of each. Do most of the pros here run with this module enabled?

Thanks in advance.

malef!c · 7 Apr 2009 at 19:49

suPHP, I think, is a bit safer for the whole server - means folders only have to be chmodded to 755 meaning the world and their dog cannot write to the folder.

Couple suPHP with mod_security and you are getting a decent bit of hosting!

ringo747 · 7 Apr 2009 at 20:17

I don't think i have mod_security but maybe I could enable it in the php.ini file. Will check out some more info about it.

I was just curious as to which server setup was best. I take it most people who know what they are doing run suPHP or suexec or something similar?

Is there anyway you can overcome the ownership problems without these enabled?

Thanks

Beansprout · 8 Apr 2009 at 22:57

Nope, since without suPHP your scripts are run by a different user

Also, if you are who I think you are then you're hosted by us and we run mod_security as standard on all servers

ringo747 · 8 Apr 2009 at 23:24

Beansprout said:
Nope, since without suPHP your scripts are run by a different user

Also, if you are who I think you are then you're hosted by us and we run mod_security as standard on all servers

Ah small world! Thanks for all the help!