www.centos.org - Forums - CentOS 6 - Software Support - SuPHP Install and security fixing

www.centos.org Forum Index

CentOS 6 - Software Support

SuPHP Install and security fixing

Bottom

Previous Topic

Next Topic

Topic options

Rate Thread

Rate this Thread
Excellent Good Average Bad Terrible

Search Forum

Search Forum

Advanced Search

View mode

View mode
Threaded
Newest First

Poster	Thread

agriz

SuPHP Install and security fixing

Regular Board Member

Joined: 2011/11/19

From

Posts: 81

Hi

SuPHP says "It provides security, because the PHP scripts are not run with the rights of the webserver's user."

In security wise : I have only root user now. How do i create an normal linux user and assign SuPHP to that user group?

How do i install SuPHP?

yum install suphp is returning no package found in centos 6

Thanks

Posted on: 2011/11/27 15:05

w3bservice

Re: SuPHP Install and security fixing

Jr Board Member

Joined: 2008/4/20

From

Posts: 29

rebuild this package

could not upload zip !

Sorry.

Here the package

suPHP src.rpm

Posted on: 2011/11/27 15:45

agriz

Re: SuPHP Install and security fixing

Regular Board Member

Joined: 2011/11/19

From

Posts: 81

Can i install it using yum?
How to configure it to work with apache (httpd) ?

Thanks

Posted on: 2011/11/27 18:18

agriz

Re: SuPHP Install and security fixing

Regular Board Member

Joined: 2011/11/19

From

Posts: 81

I got the file from suphp.org using wget
I have extracted the tar in tmp

I am not able to configure it
Can you help in installing and configuring it with httpd?

Thanks

Posted on: 2011/11/27 19:34

w3bservice

Re: SuPHP Install and security fixing

Jr Board Member

Joined: 2008/4/20

From

Posts: 29

you can get the binary rpm from my server

mod_suphp-0.7.1-2.el6.i686.rpm

Perfectserver ISP-Config 3 CentOS 6

My rpm install with yum localinstall mod_suphp-0.7.1-2.el6.i686.rpm --nogpgcheck and yum is resolving the depencies.

Posted on: 2011/11/27 21:55

agriz

Re: SuPHP Install and security fixing

Regular Board Member

Joined: 2011/11/19

From

Posts: 81

I am sorry. I didn't get properly. I am a newbie. I just wanted to secure the server.
Perfect Server is using ISPCONFIG. I haven't planned to use any cpanel

Just ftp and phpmyadmin is enough for me.

Is there any tutorial where i can find the installation and configuration of SuPhp?

Thanks

Posted on: 2011/11/28 8:15

agriz

Re: SuPHP Install and security fixing

Regular Board Member

Joined: 2011/11/19

From

Posts: 81

I just installed suphp.
But after restarting apache (service httpd restart)

I got the following error.

Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/conf.d/suphp.conf: Cannot load /etc/httpd/modules/mod_suphp.so into server: /etc/httpd/modules/mod_suphp.so: cannot open shared object file: No such file or directory

How to fix this?

Posted on: 2011/11/28 16:36

TrevorH

Re: SuPHP Install and security fixing

Moderator

Joined: 2009/9/24

From Brighton, UK

Posts: 6350

What architecture are you using? The link that was posted was to an i686 RPM and /etc/httpd/modules is a symlink to ../../usr/lib64/httpd/modules on my 64 bit system so would not work. If you have a 64 bit install then you will need a 64 bit RPM to match it.

_________________
Linux/VoIP Systems Administrator

Posted on: 2011/11/28 16:41

agriz

Re: SuPHP Install and security fixing

Regular Board Member

Joined: 2011/11/19

From

Posts: 81

Please note that mod_suphp was developped for Apache 1.3.2x and Apache
2.0.x. It might not work with other version.

I am using httpd 2.2.x

This is what i have done so far.
It will be great if you can guide me from this.

wget http://www.suphp.org/download/suphp-0.7.1.tar.gz

tar -xzvf suphp-0.7.1.tar.gz

cd suphp-0.7.1

./configure --prefix=/usr/ --sysconfdir=/etc --with-apr=/usr/bin/apr-1-config --with-apxs=/usr/sbin/apxs --with-apache-user=apache \
  --with-setid-mode=owner --with-php=/usr/bin/php-cgi --with-logfile=/var/log/httpd/suphp_log --enable-SUPHP_USE_USERGROUP=yes

make && make install

Then, I added two config files in the following directory.

/etc/httpd/conf.d/suphp.conf

LoadModule suphp_module modules/mod_suphp.so

/etc/suphp.conf

[global] ;Path to logfile logfile=/var/log/httpd/suphp.log 
;Loglevel loglevel=info 
;User Apache is running as webserver_user=apache 
;Path all scripts have to be in docroot=/ 
;Path to chroot() to before executing script ;chroot=/mychroot 
; Security options allow_file_group_writeable=true allow_file_others_writeable=false allow_directory_group_writeable=true allow_directory_others_writeable=false 
;Check wheter script is within DOCUMENT_ROOT check_vhost_docroot=true 
;Send minor error messages to browser errors_to_browser=false 
;PATH environment variable env_path=/bin:/usr/bin 
;Umask to set, specify in octal notation umask=0077 
; Minimum UID min_uid=100 
; Minimum GID min_gid=100 [handlers] 
;Handler for php-scripts x-httpd-suphp="php:/usr/bin/php-cgi" 
;Handler for CGI-scripts x-suphp-cgi="execute:!self"

This is all what i have done.

grep ^User /etc/httpd/conf/httpd.conf

User apache

ps -o user,cmd -p $(pidof httpd)

Quote:

USER CMD root /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd

All your help is appreciated. I am going to use it in live server.
Thanks
[Moderator edit: Attempt to fix ridiculously long lines and restore formatting lost due to use of brain-damaged code widget.]

Posted on: 2011/11/29 5:49