SuPHP is a PHP handler for executing the php scripts with the permissions of their owners and it provides an additional layer of protection on servers. Please click here to read more about PHP handlers .
This blog helps you to install SuPHP on Ubuntu servers .
1. switch as root user
$sudo su –
[sudo] password for user:
2. create a test file named test.php on /var/www/ (default document root) with following contents to check whether SuPHP is installed or not
<?php
echo system(‘id’);
?>
3. Access the test.php via browser (http://yourip/test.php) , you will get something like :
uid=33(www-data) gid=33(www-data) groups=33(www-data) uid=33(www-data)
gid=33(www-data) groups=33(www-data)
This means that php scripts are executing with apache’s privileges . So you are good to proceed with SuPHP installation .
4. Install SuPHP
#apt-get install php5-cgi libapache2-mod-suphp suphp-common
5. Disable php5 and enbable SuPHP
#a2dismod php5
#a2enmod suphp
6. Restart apache
#/etc/init.d/apache2 restart
7. Access test.php again on browser and now you will get internal server error. This is due to the permission issue. Now the permission of file is root:root , but if you are running with SuPHP , the permission should be username:username
So change the permission of document root to a valid user account.
#chown -R username:username /var/www/
After changing the permission access the test.php on browser , you will get something like the following :
uid=504(usename) gid=504(username) groups=504(username) uid=504(username)
gid=504(username) groups=504(username)
If you are not seeing anything while accessing the test.php , please do the following
#vim /etc/suphp/suphp.conf
Change the line
from
env_path=/bin:/usr/bin
to
env_path=”/bin:/usr/bin”
Note : The highest level of permission for a file/folder should be 755 if you are running with SuPHP. Please keep in mind that if you are running with 777 permission you will get internal server error.
Done !!!