phpsuEXEC - causes 500 errors on some sites

[trigger hippy]

I have just rebuilt apache (via WHM) to include phpsuEXEC. (I used to have it running, but during recent rebuild, I forgot to check it when I added openSSL)

A number of my sites just get a 500 error with phpsuEXEC. They used to work fine, but now apparently not. I have had to rebuild without phpsuEXEC as I can't have all my sites offline until I have sorted this.

This is an exerpt form suEXEC log

Code:

[2006-04-03 19:32:36]: info: (target/actual) uid: (tourname/tourname) gid: (tourname/tourname) cmd: index.php
[2006-04-03 19:32:36]: error: file has no execute permission: (/home/tourname/public_html/index.php)

the file in question /home/tourname/public_html/index.php is;

Code:

-rwxr-xr-x  1 tourname tourname  2252 Apr  3 19:42 index.php*

the public_html folder is;

Code:

drwxr-x---   9 tourname nobody   4096 Apr  3 19:53 public_html/

I used dreamweaver to upload the files, it was all working before, so I am not sure how the file could have been uploaded in the wrong format. Is there any way to check?

I ran 'Fix Insecure Permissions' via WHM.

Anone got any ideas?

[Murtaza_t]

Is PhpSuexe still enable ? If yes then go to .htaccess in the public_html folder and comment all the line that has php flag in it and then try browsing your site again.

[JoeB]

Try setting all file permissions to 644 and directory permissions to 755. Since php will run as the user the 644 files will run. Also make sure you don't have any php lines in any .htaccess files as previously stated.

I turned on phpsuexec and after a bit of tweaking all is running well now.

Good luck!

[tuxdesk]

Hi,

Please check the php module is properly loaded with apache.

[webignition]

Just to add a bit of a checklist and summary of what is needed:

1. Script permission and ownership
Script should be owned by user:user and should, generally, have permissions of 0644.

2. Directory permissions and ownership (not including public_html)
A script's directory should be owned by user:user and have permisssions of 0755.

3. .htaccess
Remove any php-related settings from within .htaccess files. These will always cause an HTTP 500 response.

4. CRLFs (carriage returns and line feeds)
Windows-based editors will commonly end lines with CRLF and *nix generally prefers just LF. Sometimes, but not always, CRLF line breaks will cause PHP in CGI mode to be unhappy. CRLF line breaks will always cause mail piped to PHP scripts to fail and return error 127.

You mention you're using Dreamweaver. In DW 8, go to Edit > Preferences > Code Format > Line Break Type > and select 'LF (Unix)'. This will help for the future, but won't help with scripts that already have CRLF line breaks.

To fix CRLF line breaks, use the dos2unix tool on the affected scripts:

dos2unix /home/user/path/to/script

Once a script is fixed and confirmed working, download a fresh copy of it to your machine as the one on your machine may still have CRLF line breaks.

[trigger hippy]

I hope I am not being stupid, but in the original example - I have shown the perms on the files/folders. Is there anything wrong with this?

They are as people are suggesting aren't they?

[sawbuck]

Your original example for index.php shows perms as 655 not 644.

644 would be -rw-r--r--

[Murtaza_t]

Your original example for index.php shows perms as 655 not 644.

644 would be -rwxr--r--

I think you have been making a mistake, the original post does have 755 permission on index.php file

and

644 would be -rw-r--r--
and not -rwxr--r-- thats 744

Mean while trigger hippy did you check the .htaccess file?

[sawbuck]

I think you have been making a mistake, the original post does have 755 permission on index.php file

But the index.php should be 644 not 755

[Murtaza_t]

But the index.php should be 644 not 755

That should not be a problem unless it has read permission and does NOT have write permissions for others.

[trigger hippy]

It is a slow process as I have to keep recompiling apache to test anything (at offpeak times)

Feedback on a few suggestions...

My .htaccess files only contain commands similar to the following;

ErrorDocument 404 /404.php

or

AuthUserFile /home/resources/.adminpasswd
AuthGroupFile /dev/null
AuthName "This Area is Restricted to TradeInternet Techncial Support Administrators"
AuthType Basic
require valid-user

Are these OK?


Re permissions...
I tried 644 and it didn't help, but phpsuEXEC log is complaining about not having execute permissions (e.g. [2006-04-08 14:34:30]: error: file has no execute permission: (/home/adjustor/public_html/index.php) ).
644 doesn't give owner execute permissions, so I guess 755 would be better.

I think I need to change all permissions inside my home directory to 755 - is there a quick way of doing this, I tried chmod 755 *.php -R (in home), but it didn't like it.

I am still welcoming all help!

[trigger hippy]

After more testing, I have decided it has nopthing to do with permissions as I have a number of different sites that do work and a number of sites that don't work and they all have the same (and different perms)

Example 1 (does work):
/home/azimuthp/public_html/...

-rwxr-xr-x 1 azimuthp azimuthp 4457 Apr 3 09:32 index.php

<VirtualHost 80.175.30.22>
ServerAlias azimuthprint.co.uk
ServerAdmin webmaster@azimuthprint.co.uk
DocumentRoot /home/azimuthp/public_html
BytesLog domlogs/azimuthprint.co.uk-bytes_log
User azimuthp
Group azimuthp
ServerName www.azimuthprint.co.uk

User azimuthp
Group azimuthp
CustomLog /usr/local/apache/domlogs/azimuthprint.co.uk combined
Options -ExecCGI -Includes
</VirtualHost>

Example 2 (doesn't work):
/home/tps/public_html/...

-rwxr-xr-x 1 tps tps 11142 Mar 30 08:59 index.php

<VirtualHost 80.175.30.22>
ServerAlias tradeprintsupplies.co.uk
ServerAdmin webmaster@tradeprintsupplies.co.uk
DocumentRoot /home/tps/public_html
BytesLog domlogs/tradeprintsupplies.co.uk-bytes_log
User tps
Group tps
ServerName www.tradeprintsupplies.co.uk
ServerAlias tradeprintsupplies.com www.tradeprintsupplies.com

User tps
Group tps
CustomLog /usr/local/apache/domlogs/tradeprintsupplies.co.uk combined
Options -ExecCGI -Includes
</VirtualHost>

Does that help anyone suggest anything?

[RizyDeWino]

Its a related issue , so I am asking my question here , lets see if some one can help :

Scenario : Moving account from 'php as Apache module' server to 'php as cgi - phpsuEXEC' server. The account contains following line in its .htaccess file :

AddType application/x-httpd-php .htm .html

to make the .htm and .html file render as php , but on new server 'php as cgi' it gives internal server error ,
My question is where should this settings be done for the account on new server ?

I will appreciate if any one can help.

[webignition]

The account contains following line in its .htaccess file :

AddType application/x-httpd-php .htm .html

to make the .htm and .html file render as php , but on new server 'php as cgi' it gives internal server error ,
My question is where should this settings be done for the account on new server ?

With phpsuexec enabled, Apache no longer deals with PHP directly and so this is probably not possible.

What I'd like to know is why do you want .htm and .html files rendered as PHP files?

[trigger hippy]

I have also tried convertin all files using dos2unix. Deleting and re-uploading. None of the above worked.

A few people have mentioned that you should check if the module is installed properly... How do I check this?

Could there be any conflicts between phpsuEXEC and another module?