Installing suPHP & Internal Server Errors

What is the difference between suPHP and “regular” PHP?

Our regular installation of PHP has always run as the user “nobody” (a fact that often causes issues with temporary files and caches created by the webserver) and does not require the execute flag to run. This inherently creates a security risk that may allow other users to alter/view your files in certain circumstances.

suPHP fixes some of these problems because it requires all PHP scripts to run with the permissions of their owners, this in turn fixes common ownership problems of files in both Joomla and WordPress.

PHP Directives in .htaccess

Several users will have configured their site to read information from the .htaccess files which controls how PHP operates within their user directory. suPHP does not support these directives in .htaccess files, so any php_flag or php_admin_value directories in a .htaccess will need to be moved to a php.ini (which users should create in their public_html folder).

For example if a .htaccess turned register globals on in the following way:

php_flag register_globals on

This would need migrating to a php.ini file as:

register_globals=on

All PHP flags in .htaccess will REQUIRE to be migrated to php.ini.

500 – Internal Server Error

This is the most common error after installing suPHP so we’ve provided this as a troubleshooting guide.

  1. Check the cPanel Error Log (cPanel >> Error Log), this will help to diagnose the issue. In most cases the problems will be related to one of the two following issues.
  2. Have all the PHP directives been moved from .htaccess to php.ini?
  3. Directories that require write permissions will no longer require 777 permissions (which are very insecure) instead change these to 755.
  4. suPHP will refuse to serve any page it believes to be a security risk, for example 777 permission pages – these will generate an Internal Server Error.

Protecting php.ini

It is wise to take steps to protect php.ini from prying eyes by making it’s permissions 600. It is also possible to add the following to a .htaccess:


<Files *.ini>
Order deny,allow
Deny from All
</Files>

3rd Party Applications

If problems are encountered with 3rd party applications (WordPress, Joomla etc) please contact the vendor directly to check how to make their software work under suPHP.

Any servers not already using suPHP at BetterWebSpace will be doing so soon – so be ready for when the upgrades take place.

Backing Up MySQL Databases

Most customers will know that we always remind them to make their own backups, it’s for their own peace of mind as our current service doesn’t offer backups (we say current because as of today that is very much a “watch this space”).

Backing up your files is often as simple as having the copy you’ve recently uploaded to your website on your home PC, or being able to reinstall the software from the wherever you installed it before. Databases aren’t quite so easy….

Let’s start simply, here’s how you can get a copy of your database dropped into your home directory on a daily or weekly basis.

Daily/Weekly Backup
1. Using your cPanel navigate your way to cron jobs.
2. Choose the “Advanced (Unix Style)” layout.
3. You’ll have some options to fill out here:

Minute: ?? Set this to an appropriate minute past the hour, we don’t give an example so everyone doesn’t set it for the same time!
Hour: ?? Set this for the hour time you want the backup to be done (overnight UK is usually best!)
Day: * Putting a * in here will cause this to be run every day of the week.
Month: * Putting a * in here will cause this to be run every month.
Weekday: ?? 0 would run every sunday, * would run every day

Now we get on to the command:
mysqldump –opt -Q -u dbusername –password=dbpassword dbname > /pathto/backups/sunday.sql

dbusername is the name of your database user (prefixed with your cPanel username).
dbpassword is the password to your database.
dbname is the name of your database (prefixed with your cPanel username).
/pathto/backups/sunday.sql is the path to the file /home/username/something.sql.

This should provide you with either a weekly or daily backup of your MySQL data in your home directory.

Newsletter: Mail Conversions and Changes

It’s been a while since I wrote a newsletter, let alone wrote one in our new look blog format. A lot has changed since then, we have:

Despite the economic slowdown, BetterWebSpace is going from strength to strength and is busier than ever, hence the lack of newsletters in a while!. So let’s have a look at a few of the changes that are going to be happening in the near future.

Mailbox -> Maildir Upgrades

Previously (as  far back as 2007) cPanel upgraded the mail system within the cPanel build to the new maildir format in an effort to reduce some of the file locking and CPU issues we’d seen in earlier releases.

Most servers had this upgrade but two were held back due to other upgrades going on at the same time.

There will be a maintenance window over the next two weekends for these upgrades to be completed.

PHP Modules

We’ve also had several requests for PHP modules recently so a recompile of Apache will be done on Hermione tonight which may result in some downtime.

Maintenance Windows

Server Time (GMT) Date Summary of work
Hagrid 0100-0500 June 13th Maildir Upgrades, please backup your account/email before the upgrade.
Dumbledore 0100-0500 June 20th Maildir Upgrades, please backup your account/email before the upgrade.
Hermione 0100-0500 June 11th Apache recompile for PHP modules

In future we will announce all minor upgrades (e.g. Hermione’s recompile of Apache) via Twitter only and status updates will be provided there if any problems are encountered (http://www.twitter.com/BetterWebSpace), why not follow us for instant updates?

There are plenty more changes coming in the not too distant future so I’ll keep this newsletter brief and be in touch soon!