sonedski

Registered
Feb 20, 2008
2
0
51
Hi

I recently updated apache using easyapache and somehow, it turned on a feature that is giving me problems.

basically, when PHP uploads or creates a file, the file owner is 'nobody'. Before, my visitors can browse files/pictures owned by 'nobody'

After my apache update, i cannot access files owned by 'nobody' - I get 404 error. If I chown to the cpanel user, the file can then be accessed. Not even chmod 777 will allow viewing of the file unless the owner is the cpanel user.

Can you point me to what setting in easyapache affects this? is it mod_security??


thanks
 

madmanmachines

Well-Known Member
Nov 28, 2014
94
4
8
cPanel Access Level
Root Administrator
Hi,

This is likely due to your PHP handler in use. You may find your PHP handler configuration at WHM > Service Configuration > Configure PHP and suEXEC. I suspect you are using DSO without mod_ruid2. If this is the case, I would recommend using DSO with mod_ruid2, as this provides the same security benefits as suPHP, but also allows for opcode caching, while having less overhead. However, this is not compatible with LiteSpeed webserver, so you should select suPHP if LiteSpeed is installed.

You may use EasyApache to enable mod_ruid2. You may use WHM > Configure PHP and suEXEC to set DSO or suPHP. Once you have ensured that either DSO with mod_ruid2 or suPHP is in use, you will need to ensure all files/directories have the correct permissions/ownerships. The script below is excellent for ensuring your cPanel accounts recursively have the correct permissions/ownerships for suPHP or DSO with mod_ruid2:

boomshadow.net/tech/fixes/fixperms-script/
Auto fix for file permissions and ownership

Note, I have assumed your configuration in this response. Please ensure these assumptions are correct should you follow the advice above. You may post your configuration should you have doubts.

Thanks,
 
Last edited by a moderator:
  • Like
Reactions: MithzZ

sonedski

Registered
Feb 20, 2008
2
0
51
thanks for your reply. I just opened a ticket with cpanel and will share the result for anyone with a similar problem:

Yes, I am on DSO, but the problem was i had a feature enabled in easyapache which caused my problems:

Symlink Protection patch

disable that and problem solved.

thanks!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello,

Note that it's typically a better idea to use suPHP or Mod_Ruid2 to avoid nobody file ownership.

Thank you.