Posted by xeno007, 12-07-2008, 09:56 PM | httpd running under user nobody
Hi all.
I have read that running httpd under user nobody is not safe at all so I installed mod_suhosin and suphp but still the httpd is running under user nobody.
Could anyone suggest me how to check if they are installed good and are they working? I don't know why is this happening
Thanks in advance.
|
Posted by yah0m, 12-07-2008, 10:35 PM | Quote:
Originally Posted by xeno007
Hi all.
I have read that running httpd under user nobody is not safe at all so I installed mod_suhosin and suphp but still the httpd is running under user nobody.
Could anyone suggest me how to check if they are installed good and are they working? I don't know why is this happening
Thanks in advance.
1. Its not that big a security risk if done right. (no one else running as that user)
2. suosin/suphp have nothing to do with the user.
3. edit httpd.conf and change the user/group
|
Posted by vapetrov, 12-07-2008, 10:41 PM | Run
pstree -u
and you'll see httpd processes owner.
If you configured suphp correctly php scripts will run under various usernames depending on parameters in virtual hosts. You'll it by pstree -u also.
__________________
Private remote administrator of Linux servers - www.petrov.ks.ua
Quality hosting - Host-Web-Site.com
|
Posted by vx|brian, 12-07-2008, 10:44 PM | Apache will always run under the username nobody, the security problem is present if PHP scripts are being executed as nobody too. If you have suPHP, you should notice PHP processes are under the user and httpd are under nobody.
__________________â vexxhost web hosting: Innovative high performance web hosting solutions.
â Operating at our own private datacenter space
|
Posted by ZoomS, 12-08-2008, 03:52 AM | It's not a security problem if Apache runs under the user nobody. You should prevent PHP and cgi scripts running under the user nobody.
|
Posted by xeno007, 12-08-2008, 01:18 PM | Now I got it
I managed to enable suphp for php but many websites (php) on my server stopped working and they are giving 500 Internal Error. I had to disable it to bring everything back. Anyone knows why this happens and maybe have some easy fix? Thanks alot
|
Posted by hightekhosting, 12-08-2008, 04:23 PM | Yep, I know your issue and an easy fix.
File and folder permissions on the sites need to be changed in order for the to run under suPHP
Folders must be changed from 777 to 755 and files from 666 to 644
If your running cPanel, perform the following steps via CLI (SSH)
# /scripts/postsuexecinstall
# /scripts/chownpublichtmls
# cd /home
# find -perm 777 -exec chmod 755 {} \; -print
# find -perm 666 -exec chmod 644 {} \; -print
# /scripts/fixsuexeccgiscripts
Run each command, one at a time and be sure you do them in order.
That will get you out of strife
Cheers,
Dale E
__________________Hightek Hosting
Low cost, affordable cPanel
|
Posted by xeno007, 12-08-2008, 05:24 PM | Finally... God bless you Dale!
|
|
Add to Favourites
Print this Article |