Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Correct security & php settings - what file(s) do I edit and is this code correct?

Discussion in 'Security' started by Sunlander, Jul 16, 2018.

  1. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    32
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi,

    I need to apply some configurations which I believe need to go in to the Pre VirtualHost Include file I think?

    I need to configure security settings as follows:

    Header: Server (set to nothing)
    HTTPS (needs to be set to On)
    .htaccess (needs to be set to On)
    public_html (needs to point to the public folder which is in mysite/mycrm/public_html)

    I have 2 examples I found that should work but I don't know which is the correct structure for my conf file in easyapache WHM.



    First example:

    C:\wamp\bin\apache\apache2.4.29\conf\extra\httpd-vhosts.conf
    DocumentRoot c:/www/mysite/public_html

    <VirtualHost *:80>
    ServerName localhost
    ServerAlias localhost
    DocumentRoot c:/www/mysite/public_html
    <Directory "c:/www/mysiteM/public_html/">
    Options +Indexes +Includes +FollowSymLinks +MultiViews
    AllowOverride All
    #Require local
    Require all granted
    </Directory>
    </VirtualHost>


    Second example:

    Alias /crm /var/www/html/mysite/public_html/

    <Directory /var/www/html/mysite/public_html/>
    Options +Indexes +Includes +FollowSymLinks +MultiViews
    AllowOverride All
    #Require local
    Require all granted
    </Directory>
    Include /var/www/html/crm/apache.conf


    I also need to change php settings for these (I have added them in cpanel/multiphp editor but the changes are being ignored - I also tried adding to my.cnf as suggested by another thread but again no changes):

    output_buffering=On
    character_set_server=utf8
    character_set_database=utf8

    I hope someone can help me :)

    Kind regARDS
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Sunlander,

    We document the methods available to make advanced changes to the Apache configuration at:

    Advanced Apache Configuration - EasyApache 4 - cPanel Documentation

    The /etc/my.cnf file is for MySQL configuration values (E.g. character_set_server, character_set_database) as opposed to PHP configuration values (e.g. output_buffering). Can you verify the specific steps you took to make these changes, and the method you used to verify if the changes were active?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    32
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi CpanelMichael,

    thanks for responding. In my.cnf I have the following:

    [mysqld]
    innodb_file_per_table=1
    default-storage-engine=MyISAM
    performance-schema=0
    max_allowed_packet=268435456
    open_files_limit=50000
    innodb_lock_wait_timeout=600
    mysql.connect_timeout=600
    max_connections=151
    query_cache_size=40M
    tmp_table_size=16M
    key_buffer_size=8M
    max_heap_table_size=16M
    skip-character-set-client-handshake
    collation-server=utf8_unicode_ci
    character-set-server=utf8

    I tried adding the last one:

    character_set_database=utf8

    Then re-started the server and it crashed all the websites and produced the following error:

    2018-07-19 10:56:23 5216 [ERROR] /usr/sbin/mysqld: unknown variable 'character_set_database=utf8'

    So I removed that line and re-started.

    In the global PHP Editor on WHM it has

    output_buffering = On

    But in my application that checks server settings it shows the value 1 when it should show On - I have checked the cpanel multi php editor settings for the individual url and that also has

    output_buffering = On

    So I don't know where the value 1 is being set.

    With regards to the .conf file, I have read the link to documentation but I still don't know what I need to add to enable the htaccess and set the document root for my site. The above 2 pieces of code where provided elsewhere but I don't know how to structure it correctly for adding to the conf file.

    Do I just need to add it in between this:

    <IfModule>


    </IfModule>
     
  4. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    32
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    An update,
    I have been researching this and found a thread that shows where to find the conf file via SSH:

    nano /etc/apache2/conf/httpd.conf

    I looked through this and see it includes the VirtualHost settings for each of the sites on my server.
    So I think I can see how it needs to be structured.

    My question is, I need it to point to a public_html folder that sits inside a folder within the main public_html, for example my site url is:
    www.mysite.com

    The public_html folder I want to point to is:

    www.mysite.com/myfolder/public_html

    In the global conf file it shows the main document path as:

    DocumentRoot /home/mysite/public_html

    Do I just change that to

    DocumentRoot /home/mysite/myfile/public_html

    Or can it only be set for the main url?

    I tried this in pre-include and it went without error but it didn't do anything after re-starting apache:

    <VirtualHost *:80>
    ServerName localhost
    ServerAlias localhost
    DocumentRoot /home/mysite/myfile/public_html
    <Directory "/home/mysite/myfile/public_html/">
    Options +Indexes +Includes +FollowSymLinks +MultiViews
    AllowOverride All
    #Require local
    Require all granted
    </Directory>
    </VirtualHost>

    I also tried the same but specifying the servername as per the global conf file:

    <VirtualHost 34.35.279.142:80>
    ServerName mysite.com

    obviously with the correct host address and site name

    That didn't have any effect either
     
  5. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    MySQL documents the "character_set_database" configuration value at:

    https://dev.mysql.com/doc/refman/5.7/en/server-system-variables.html#sysvar_character_set_database

    Here's the relevant section:

    You shouldn't need to define this value since you've already added an entry for character-set-server.

    This PHP configuration value allows you to limit the size of the buffer to a maximum number of bytes. Using "On" for this PHP configuration values is considered "Unlimited", so that's why you see the "1" instead of "On". This is documented by PHP at:

    http://php.net/manual/en/outcontrol.configuration.php#ini.output-buffering

    If you only want to change an existing domain name's document root value, consider using the following instructions instead:

    Changing directory structure for all domains?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    32
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi Michael,

    thank you. I have done everything except changing the document root. I ran this in SSH but it says the file dosn't exist (i put my website username instead of leaving it as username):

    nano /var/cpanel/userdata/username/domain.tld

    nano /var/cpanel/userdata/username/domain.tld_SSL

    and also tried:
    vi /var/cpanel/userdata/username/domain.tld

    vi /var/cpanel/userdata/username/domain.tld_SSL

    and that opens a file with lots of ~ in it and nothing else and I cannot quit it then in the normal way so have to shut Putty down.

    Am I doing it right?




     
  7. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Sunlander,

    "username" in this example should be the cPanel account's username, and "domain.tld" should reflect the specific domain name.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    32
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi Michael,

    unfortunately I can't use that as there will be more than one sub-site in the root of my url. However I have been researching all day and I stumbled across this which might be my answer? It says htaccess can be used to change the document directory. This is what it says:

    How to change my document root folder using an .htaccess file?
    By default your main website is loaded from the public_html folder of your account. The public_html directory is also called web root folder or document root folder. If you would like to keep your site's files in a sub folder of the public_html, and do not want the sub folder to appear as a part of the URL to your website, you can mask the subfolder from the URL by placing the following directives in the .htaccess file inside the public_html folder:

    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^domain-name.com$ [NC,OR]
    RewriteCond %{HTTP_HOST} ^www.domain-name.com$
    RewriteCond %{REQUEST_URI} !folder/
    RewriteRule (.*) /folder/$1 [L]


    In the above lines you should replace the following:

    domain-name.com - Type your own domain name
    folder - Type the name of the subfolder which has the test/development website

    If there is no .htaccess file in the public_html folder you can easily create one using cPanel->File Manager. Then, type your domain name in a browser and you should see the website which is in your sub folder.

    Could this work?

    My site is HTTPS so I changed it to this:

    RewriteEngine on
    RewriteCond %{HTTPS_HOST} ^mysite.com$ [NC,OR]
    RewriteCond %{HTTPS_HOST} ^www.mysite.com$
    RewriteCond %{REQUEST_URI} !myfoldername/
    RewriteRule (.*) /mysubfoldername/$1 [L]


    in mysite.com/mysubfoldername htaccess file but again it doesn't seem to do anything
     
    #8 Sunlander, Jul 19, 2018
    Last edited by a moderator: Jul 20, 2018
  9. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Sunlander,

    Can you expand on the sentence quoted above? There's no issue with changing the document root value to a subdirectory such as this:

    Code:
    documentroot: /home/username/public_html/subdirectory1/subdirectory2
    Changing the document root value often leads to less complications compared to setting up custom Mod_Rewrite rules.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    32
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi Michael,

    I will try to explain.

    I have a website called www.mysite.com
    In the same public_html folder that my website files are I have 4 additional websites called:
    site1
    site2
    site3
    site4
    Each on of those sub folders has its own public_html folder within it.

    When a user enters the following url: www.mysite.com/site1

    the document root should use the public_html within site1 (and not the default public_html folder for the main website.

    So, I don't think I can use your method? Is that correct?
     
  11. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    That's correct. You can define a specific document root for a subdomain (e.g. site1.domain.tld), but you can't define specific document roots for subdirectories of a domain name. You would need to use custom mod_rewrite rules to redirect the subdirectory to the contents you want to load. Here are a few StackOverflow threads with examples of how you might do this:

    https://stackoverflow.com/questions/31498181/htaccess-redirect-directory-to-subdirectory
    https://stackoverflow.com/questions/22391408/redirect-directory-but-not-subdirectories-to-another-directory
    https://stackoverflow.com/questions/6174098/htaccess-redirect-folder-to-another-folder

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. Sunlander

    Sunlander Active Member

    Joined:
    May 7, 2018
    Messages:
    32
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi Michael thanks for responding.

    I have been down the path of htaccess without success (yet). The very first examples in my opening thread actually work for others in their environments (the first on WAMP and the second on Ubunto). I thought it would be a simple case of finding out what that structure would need to be in Linux environment. However, I guess you are confirming that it would not work for sub folders of a domain? They seem to use virtual host and aliases.

    I am not at all knowledgeable in this area
     
  13. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Sunlander,

    Can you verify which .htaccess rules you have tried? For instance, did you try the examples in all three of the links referenced in my last response?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice