Files uploaded with php scripts are owned by apache - how to install suPhp

When php is in it's default state "CLI", php scripts run as the apache user.
If any files are uploaded or created with php, then the files will be saved as the apache user.

If you'd like to have php run as the system user instead of "apache", then you'd need to install suPhp.

suPhp is an option that can be set when installing the custombuild script:
http://files.directadmin.com/services/custombuild/1.1

To do so, type, after the "./build update_data" command, use this:

./build set php5_cgi yes
./build set php5_cli no
./build all d
./build rewrite_confs


Note that all logs for suPhp are stored in:
/var/log/suphp.log

If you get any "Internal Server Error" messages, check the suphp.log to see why.
Usually, things like writeable by "all" or "group" ... or having the incorrect ownership of the file would cause this.
Note that directories cannot be set to 777 with suPhp.  755 is usually the max permissions for directories (you don't need 777 with suphp since php writes as the User).
Files should be no more than 644, but php files can be 600 since they're read in by the User (security benefit with suPhp).
All files/folders must be chowned to the user, and not to apache.

You may need to rewrite the webapps php scripts to reset the ownerships if you get internal server errors with them, eg:

./build roundcube
./build squirrelmail
./build phpmyadmin


Was this article helpful?

mood_bad Dislike 0
mood Like 0
visibility Views: 10382