SuPHP Install and security fixing
SuPHP Install and security fixing
Hi
SuPHP says "It provides security, because the PHP scripts are not run with the rights of the webserver's user."
In security wise : I have only root user now. How do i create an normal linux user and assign SuPHP to that user group?
How do i install SuPHP?
yum install suphp is returning no package found in centos 6
Thanks
SuPHP says "It provides security, because the PHP scripts are not run with the rights of the webserver's user."
In security wise : I have only root user now. How do i create an normal linux user and assign SuPHP to that user group?
How do i install SuPHP?
yum install suphp is returning no package found in centos 6
Thanks
-
- Posts: 29
- Joined: 2008/04/20 21:01:10
- Contact:
Re: SuPHP Install and security fixing
rebuild this package
could not upload zip !
Sorry.
[img]http://www.w3bservice.de/images/compu-ente/Bildschirmfoto-402.png[/img]
Here the package
[url=http://www.w3bservice.de/images/compu-ente/src-rpm-mod_suPHP.zip]suPHP src.rpm[/url]
could not upload zip !
Sorry.
[img]http://www.w3bservice.de/images/compu-ente/Bildschirmfoto-402.png[/img]
Here the package
[url=http://www.w3bservice.de/images/compu-ente/src-rpm-mod_suPHP.zip]suPHP src.rpm[/url]
Re: SuPHP Install and security fixing
Can i install it using yum?
How to configure it to work with apache (httpd) ?
Thanks
How to configure it to work with apache (httpd) ?
Thanks
Re: SuPHP Install and security fixing
I got the file from suphp.org using wget
I have extracted the tar in tmp
I am not able to configure it
Can you help in installing and configuring it with httpd?
Thanks
I have extracted the tar in tmp
I am not able to configure it
Can you help in installing and configuring it with httpd?
Thanks
-
- Posts: 29
- Joined: 2008/04/20 21:01:10
- Contact:
Re: SuPHP Install and security fixing
you can get the binary rpm from my server
[url=http://www.w3bservice.de/images/compu-ente/mod_suphp-0.7.1-2.el6.i686.rpm]mod_suphp-0.7.1-2.el6.i686.rpm[/url]
[url=http://www.howtoforge.com/perfect-server-centos-6.0-x86_64-ispconfig-3]Perfectserver ISP-Config 3 CentOS 6[/url]
My rpm install with yum localinstall mod_suphp-0.7.1-2.el6.i686.rpm --nogpgcheck and yum is resolving the depencies.
[url=http://www.w3bservice.de/images/compu-ente/mod_suphp-0.7.1-2.el6.i686.rpm]mod_suphp-0.7.1-2.el6.i686.rpm[/url]
[url=http://www.howtoforge.com/perfect-server-centos-6.0-x86_64-ispconfig-3]Perfectserver ISP-Config 3 CentOS 6[/url]
My rpm install with yum localinstall mod_suphp-0.7.1-2.el6.i686.rpm --nogpgcheck and yum is resolving the depencies.
Re: SuPHP Install and security fixing
I am sorry. I didn't get properly. I am a newbie. I just wanted to secure the server.
Perfect Server is using ISPCONFIG. I haven't planned to use any cpanel
Just ftp and phpmyadmin is enough for me.
Is there any tutorial where i can find the installation and configuration of SuPhp?
Thanks
Perfect Server is using ISPCONFIG. I haven't planned to use any cpanel
Just ftp and phpmyadmin is enough for me.
Is there any tutorial where i can find the installation and configuration of SuPhp?
Thanks
Re: SuPHP Install and security fixing
I just installed suphp.
But after restarting apache (service httpd restart)
I got the following error.
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/conf.d/suphp.conf: Cannot load /etc/httpd/modules/mod_suphp.so into server: /etc/httpd/modules/mod_suphp.so: cannot open shared object file: No such file or directory
How to fix this?
But after restarting apache (service httpd restart)
I got the following error.
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/conf.d/suphp.conf: Cannot load /etc/httpd/modules/mod_suphp.so into server: /etc/httpd/modules/mod_suphp.so: cannot open shared object file: No such file or directory
How to fix this?
Re: SuPHP Install and security fixing
What architecture are you using? The link that was posted was to an i686 RPM and /etc/httpd/modules is a symlink to ../../usr/lib64/httpd/modules on my 64 bit system so would not work. If you have a 64 bit install then you will need a 64 bit RPM to match it.
Re: SuPHP Install and security fixing
Please note that mod_suphp was developped for Apache 1.3.2x and Apache
2.0.x. It might not work with other version.
I am using httpd 2.2.x
This is what i have done so far.
It will be great if you can guide me from this.
[code]wget http://www.suphp.org/download/suphp-0.7.1.tar.gz[/code]
[code]tar -xzvf suphp-0.7.1.tar.gz[/code]
[code]cd suphp-0.7.1[/code]
[code]./configure --prefix=/usr/ --sysconfdir=/etc --with-apr=/usr/bin/apr-1-config --with-apxs=/usr/sbin/apxs --with-apache-user=apache \
--with-setid-mode=owner --with-php=/usr/bin/php-cgi --with-logfile=/var/log/httpd/suphp_log --enable-SUPHP_USE_USERGROUP=yes[/code]
[code]make && make install[/code]
Then, I added two config files in the following directory.
[code]/etc/httpd/conf.d/suphp.conf[/code]
[code]LoadModule suphp_module modules/mod_suphp.so[/code]
[code]/etc/suphp.conf[/code]
[code]
[global] ;Path to logfile logfile=/var/log/httpd/suphp.log
;Loglevel loglevel=info
;User Apache is running as webserver_user=apache
;Path all scripts have to be in docroot=/
;Path to chroot() to before executing script ;chroot=/mychroot
; Security options allow_file_group_writeable=true allow_file_others_writeable=false allow_directory_group_writeable=true allow_directory_others_writeable=false
;Check wheter script is within DOCUMENT_ROOT check_vhost_docroot=true
;Send minor error messages to browser errors_to_browser=false
;PATH environment variable env_path=/bin:/usr/bin
;Umask to set, specify in octal notation umask=0077
; Minimum UID min_uid=100
; Minimum GID min_gid=100 [handlers]
;Handler for php-scripts x-httpd-suphp="php:/usr/bin/php-cgi"
;Handler for CGI-scripts x-suphp-cgi="execute:!self"[/code]
This is all what i have done.
[code]grep ^User /etc/httpd/conf/httpd.conf[/code]
[code]User apache[/code]
[code]ps -o user,cmd -p $(pidof httpd)[/code]
[quote]USER CMD root /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd[/quote]
All your help is appreciated. I am going to use it in live server.
Thanks
[Moderator edit: Attempt to fix ridiculously long lines and restore formatting lost due to use of brain-damaged [i]code[/i] widget.]
2.0.x. It might not work with other version.
I am using httpd 2.2.x
This is what i have done so far.
It will be great if you can guide me from this.
[code]wget http://www.suphp.org/download/suphp-0.7.1.tar.gz[/code]
[code]tar -xzvf suphp-0.7.1.tar.gz[/code]
[code]cd suphp-0.7.1[/code]
[code]./configure --prefix=/usr/ --sysconfdir=/etc --with-apr=/usr/bin/apr-1-config --with-apxs=/usr/sbin/apxs --with-apache-user=apache \
--with-setid-mode=owner --with-php=/usr/bin/php-cgi --with-logfile=/var/log/httpd/suphp_log --enable-SUPHP_USE_USERGROUP=yes[/code]
[code]make && make install[/code]
Then, I added two config files in the following directory.
[code]/etc/httpd/conf.d/suphp.conf[/code]
[code]LoadModule suphp_module modules/mod_suphp.so[/code]
[code]/etc/suphp.conf[/code]
[code]
[global] ;Path to logfile logfile=/var/log/httpd/suphp.log
;Loglevel loglevel=info
;User Apache is running as webserver_user=apache
;Path all scripts have to be in docroot=/
;Path to chroot() to before executing script ;chroot=/mychroot
; Security options allow_file_group_writeable=true allow_file_others_writeable=false allow_directory_group_writeable=true allow_directory_others_writeable=false
;Check wheter script is within DOCUMENT_ROOT check_vhost_docroot=true
;Send minor error messages to browser errors_to_browser=false
;PATH environment variable env_path=/bin:/usr/bin
;Umask to set, specify in octal notation umask=0077
; Minimum UID min_uid=100
; Minimum GID min_gid=100 [handlers]
;Handler for php-scripts x-httpd-suphp="php:/usr/bin/php-cgi"
;Handler for CGI-scripts x-suphp-cgi="execute:!self"[/code]
This is all what i have done.
[code]grep ^User /etc/httpd/conf/httpd.conf[/code]
[code]User apache[/code]
[code]ps -o user,cmd -p $(pidof httpd)[/code]
[quote]USER CMD root /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd apache /usr/sbin/httpd[/quote]
All your help is appreciated. I am going to use it in live server.
Thanks
[Moderator edit: Attempt to fix ridiculously long lines and restore formatting lost due to use of brain-damaged [i]code[/i] widget.]
-
- Retired Moderator
- Posts: 18276
- Joined: 2006/12/13 20:15:34
- Location: Tidewater, Virginia, North America
- Contact:
SuPHP Install and security fixing
I can't make sense of what you have done, but [url=http://wiki.centos.org/AdditionalResources/Repositories/RPMForge]RPMforge repo[/url] has mod_suphp-0.7.1-1.el6.rf.