The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

configuring FastCGI

Discussion in 'General Discussion' started by sehh, Sep 26, 2008.

  1. sehh

    sehh Well-Known Member

    Joined:
    Feb 11, 2006
    Messages:
    579
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Europe
    I'm trying to move from CGI/suphp to FastCGI/suphp and while reading the EA3 documentation, i found the following two statements:

    Before render our servers unusable, can someone explain what the above two statements mean? The documentation doesn't say how to properly configure everything, it just says that its very... advanced !? :)
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    By "Userdir requests do not function with the FCGI setup provided by cPanel." - it means that if you select the option to use FCGI (Fast CGI) - then requests to http://YourServer/~username will not be served. You lose mod_userdir capabilities by doing this.

    By "With the standard cPanel FCGI configurations, the PHP binary is available as a URL in the VirtualHost. This should not be considered a very secure setup." - it is warning you that your PHP binary can be accessed via a URL in this setup. This is not secure. If you are concerned about security, you should not use a standard FCGI configuration. If you are unaware of how to correct this situation yourself and are concerned about security, you may consider not using FCGI.
     
  3. sehh

    sehh Well-Known Member

    Joined:
    Feb 11, 2006
    Messages:
    579
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Europe
    You are not making it easy for me :D

    I'm using apache 2.2, php 5.2.6 with suphp at the moment, this setup is very secure but DEAD SLOW. It loads a separate php process per request and does not scale at all. Once there are multiple requests per second the server load goes over 10.

    I'm interested to go to FastCGI+suphp+eAccelerator, so far thats the fastest and more secure configuration, each user gets his own php "server" process and all processing goes through there, it ensures scripts run as the user who owns them while running as fast as possible with the php processes running permanently.

    So yes, i'm unaware of how to correct FastCGI from allowing the php binary to be accessed from a URL, but i'm serious about this issue and i'm going to learn how to do it.

    I don't understand why it should be such a secret, i'm sure a HOWTO guide would help everyone.
     
  4. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,460
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    I *think* what most FastCGI setups use is a wrapper script, which is accessible via the URL, rather than the actual PHP binary. For example, what was recently posted here: http://forums.cpanel.net/showthread.php?t=87873&goto=newpost
     
Loading...

Share This Page