SuPHP has been installed on all servers. The reason why we decided to take this measure is to increase security measures.
What is the difference?
In most sites will find no difference running php as cgi with suexec. Phpsuexec runs in the same way as cgi (scipts in perl, etc.) and what it does is that all applications run with the username UID/GID, instead of doing it as an Apache module (user "nobody").
This means that all the rules applied for scripts in .cgi or .pl will also be valid for .php files. The maximum permissions allowed are 755.
777 - Should I put these permissions in a directory? The installation of the script tells me.
No, you should not put 777 in any directory, even if it is indicated by some instructions. Otherwise you will get "500 internal server error".
How do I disable safe_mode or register_globals?
Now you will not be able to use directives in the .htaccess to manipulate the php configuration. To do this, you will need to use a php.ini file. For example, if you want to disable safe_mode, you will need to create a php.ini file with the following content inside it:
safe_mode = Off
My script is still not It works, what should I do?
- Verify that none of the files have permissions greater than 755.
- Verify that the directory(s) containing the script files do not have permissions greater than 755.
- Verify that files and directories have your user as the owner (and not "nobody"). If this is the case and you cannot modify it, send us a ticket clearly indicating the files or folders and we will modify the owner from here, immediately.
- Check that within your .htaccess you don't have php values in it.
The ideal permissions would be: 755 for folders; 644 for files.