Correct security & php settings - what file(s) do I edit and is this code correct?

Sunlander

Well-Known Member
May 7, 2018
50
4
8
UK
cPanel Access Level
Root Administrator
Hi,

I need to apply some configurations which I believe need to go in to the Pre VirtualHost Include file I think?

I need to configure security settings as follows:

Header: Server (set to nothing)
HTTPS (needs to be set to On)
.htaccess (needs to be set to On)
public_html (needs to point to the public folder which is in mysite/mycrm/public_html)

I have 2 examples I found that should work but I don't know which is the correct structure for my conf file in easyapache WHM.



First example:

C:\wamp\bin\apache\apache2.4.29\conf\extra\httpd-vhosts.conf
DocumentRoot c:/www/mysite/public_html

<VirtualHost *:80>
ServerName localhost
ServerAlias localhost
DocumentRoot c:/www/mysite/public_html
<Directory "c:/www/mysiteM/public_html/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
#Require local
Require all granted
</Directory>
</VirtualHost>


Second example:

Alias /crm /var/www/html/mysite/public_html/

<Directory /var/www/html/mysite/public_html/>
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
#Require local
Require all granted
</Directory>
Include /var/www/html/crm/apache.conf


I also need to change php settings for these (I have added them in cpanel/multiphp editor but the changes are being ignored - I also tried adding to my.cnf as suggested by another thread but again no changes):

output_buffering=On
character_set_server=utf8
character_set_database=utf8

I hope someone can help me :)

Kind regARDS
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello @Sunlander,

We document the methods available to make advanced changes to the Apache configuration at:

Advanced Apache Configuration - EasyApache 4 - cPanel Documentation

I also need to change php settings for these (I have added them in cpanel/multiphp editor but the changes are being ignored - I also tried adding to my.cnf as suggested by another thread but again no changes):

output_buffering=On
character_set_server=utf8
character_set_database=utf8
The /etc/my.cnf file is for MySQL configuration values (E.g. character_set_server, character_set_database) as opposed to PHP configuration values (e.g. output_buffering). Can you verify the specific steps you took to make these changes, and the method you used to verify if the changes were active?

Thank you.
 

Sunlander

Well-Known Member
May 7, 2018
50
4
8
UK
cPanel Access Level
Root Administrator
Hi CpanelMichael,

thanks for responding. In my.cnf I have the following:

[mysqld]
innodb_file_per_table=1
default-storage-engine=MyISAM
performance-schema=0
max_allowed_packet=268435456
open_files_limit=50000
innodb_lock_wait_timeout=600
mysql.connect_timeout=600
max_connections=151
query_cache_size=40M
tmp_table_size=16M
key_buffer_size=8M
max_heap_table_size=16M
skip-character-set-client-handshake
collation-server=utf8_unicode_ci
character-set-server=utf8

I tried adding the last one:

character_set_database=utf8

Then re-started the server and it crashed all the websites and produced the following error:

2018-07-19 10:56:23 5216 [ERROR] /usr/sbin/mysqld: unknown variable 'character_set_database=utf8'

So I removed that line and re-started.

In the global PHP Editor on WHM it has

output_buffering = On

But in my application that checks server settings it shows the value 1 when it should show On - I have checked the cpanel multi php editor settings for the individual url and that also has

output_buffering = On

So I don't know where the value 1 is being set.

With regards to the .conf file, I have read the link to documentation but I still don't know what I need to add to enable the htaccess and set the document root for my site. The above 2 pieces of code where provided elsewhere but I don't know how to structure it correctly for adding to the conf file.

Do I just need to add it in between this:

<IfModule>


</IfModule>
 

Sunlander

Well-Known Member
May 7, 2018
50
4
8
UK
cPanel Access Level
Root Administrator
An update,
I have been researching this and found a thread that shows where to find the conf file via SSH:

nano /etc/apache2/conf/httpd.conf

I looked through this and see it includes the VirtualHost settings for each of the sites on my server.
So I think I can see how it needs to be structured.

My question is, I need it to point to a public_html folder that sits inside a folder within the main public_html, for example my site url is:
www.mysite.com

The public_html folder I want to point to is:

www.mysite.com/myfolder/public_html

In the global conf file it shows the main document path as:

DocumentRoot /home/mysite/public_html

Do I just change that to

DocumentRoot /home/mysite/myfile/public_html

Or can it only be set for the main url?

I tried this in pre-include and it went without error but it didn't do anything after re-starting apache:

<VirtualHost *:80>
ServerName localhost
ServerAlias localhost
DocumentRoot /home/mysite/myfile/public_html
<Directory "/home/mysite/myfile/public_html/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
#Require local
Require all granted
</Directory>
</VirtualHost>

I also tried the same but specifying the servername as per the global conf file:

<VirtualHost 34.35.279.142:80>
ServerName mysite.com

obviously with the correct host address and site name

That didn't have any effect either
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
I tried adding the last one:

character_set_database=utf8

Then re-started the server and it crashed all the websites and produced the following error:

2018-07-19 10:56:23 5216 [ERROR] /usr/sbin/mysqld: unknown variable 'character_set_database=utf8'

So I removed that line and re-started.
MySQL documents the "character_set_database" configuration value at:

https://dev.mysql.com/doc/refman/5.7/en/server-system-variables.html#sysvar_character_set_database

Here's the relevant section:

The character set used by the default database. The server sets this variable whenever the default database changes. If there is no default database, the variable has the same value as character_set_server.

The global character_set_database and collation_database system variables are deprecated in MySQL 5.7 and will be removed in a future version of MySQL.

Assigning a value to the session character_set_database and collation_database system variables is deprecated in MySQL 5.7 and assignments produce a warning. The session variables will become read only in a future version of MySQL and assignments will produce an error. It will remain possible to access the session variables to determine the database character set and collation for the default database.
You shouldn't need to define this value since you've already added an entry for character-set-server.

In the global PHP Editor on WHM it has

output_buffering = On

But in my application that checks server settings it shows the value 1 when it should show On - I have checked the cpanel multi php editor settings for the individual url and that also has

output_buffering = On

So I don't know where the value 1 is being set.
This PHP configuration value allows you to limit the size of the buffer to a maximum number of bytes. Using "On" for this PHP configuration values is considered "Unlimited", so that's why you see the "1" instead of "On". This is documented by PHP at:

http://php.net/manual/en/outcontrol.configuration.php#ini.output-buffering

With regards to the .conf file, I have read the link to documentation but I still don't know what I need to add to enable the htaccess and set the document root for my site. The above 2 pieces of code where provided elsewhere but I don't know how to structure it correctly for adding to the conf file.

Do I just need to add it in between this:

<IfModule>


</IfModule>
If you only want to change an existing domain name's document root value, consider using the following instructions instead:

Changing directory structure for all domains?

Thank you.
 

Sunlander

Well-Known Member
May 7, 2018
50
4
8
UK
cPanel Access Level
Root Administrator
Hi Michael,

thank you. I have done everything except changing the document root. I ran this in SSH but it says the file dosn't exist (i put my website username instead of leaving it as username):

nano /var/cpanel/userdata/username/domain.tld

nano /var/cpanel/userdata/username/domain.tld_SSL

and also tried:
vi /var/cpanel/userdata/username/domain.tld

vi /var/cpanel/userdata/username/domain.tld_SSL

and that opens a file with lots of ~ in it and nothing else and I cannot quit it then in the normal way so have to shut Putty down.

Am I doing it right?




 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello @Sunlander,

"username" in this example should be the cPanel account's username, and "domain.tld" should reflect the specific domain name.

Thank you.
 

Sunlander

Well-Known Member
May 7, 2018
50
4
8
UK
cPanel Access Level
Root Administrator
Hi Michael,

unfortunately I can't use that as there will be more than one sub-site in the root of my url. However I have been researching all day and I stumbled across this which might be my answer? It says htaccess can be used to change the document directory. This is what it says:

How to change my document root folder using an .htaccess file?
By default your main website is loaded from the public_html folder of your account. The public_html directory is also called web root folder or document root folder. If you would like to keep your site's files in a sub folder of the public_html, and do not want the sub folder to appear as a part of the URL to your website, you can mask the subfolder from the URL by placing the following directives in the .htaccess file inside the public_html folder:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain-name.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www.domain-name.com$
RewriteCond %{REQUEST_URI} !folder/
RewriteRule (.*) /folder/$1 [L]


In the above lines you should replace the following:

domain-name.com - Type your own domain name
folder - Type the name of the subfolder which has the test/development website

If there is no .htaccess file in the public_html folder you can easily create one using cPanel->File Manager. Then, type your domain name in a browser and you should see the website which is in your sub folder.

Could this work?

My site is HTTPS so I changed it to this:

RewriteEngine on
RewriteCond %{HTTPS_HOST} ^mysite.com$ [NC,OR]
RewriteCond %{HTTPS_HOST} ^www.mysite.com$
RewriteCond %{REQUEST_URI} !myfoldername/
RewriteRule (.*) /mysubfoldername/$1 [L]


in mysite.com/mysubfoldername htaccess file but again it doesn't seem to do anything
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
unfortunately I can't use that as there will be more than one sub-site in the root of my url.
Hello @Sunlander,

Can you expand on the sentence quoted above? There's no issue with changing the document root value to a subdirectory such as this:

Code:
documentroot: /home/username/public_html/subdirectory1/subdirectory2
Changing the document root value often leads to less complications compared to setting up custom Mod_Rewrite rules.

Thank you.
 

Sunlander

Well-Known Member
May 7, 2018
50
4
8
UK
cPanel Access Level
Root Administrator
Hi Michael,

I will try to explain.

I have a website called www.mysite.com
In the same public_html folder that my website files are I have 4 additional websites called:
site1
site2
site3
site4
Each on of those sub folders has its own public_html folder within it.

When a user enters the following url: www.mysite.com/site1

the document root should use the public_html within site1 (and not the default public_html folder for the main website.

So, I don't think I can use your method? Is that correct?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
I have a website called www.mysite.com
In the same public_html folder that my website files are I have 4 additional websites called:
site1
site2
site3
site4
Each on of those sub folders has its own public_html folder within it.

When a user enters the following url: www.mysite.com/site1

the document root should use the public_html within site1 (and not the default public_html folder for the main website.

So, I don't think I can use your method? Is that correct?
Hello,

That's correct. You can define a specific document root for a subdomain (e.g. site1.domain.tld), but you can't define specific document roots for subdirectories of a domain name. You would need to use custom mod_rewrite rules to redirect the subdirectory to the contents you want to load. Here are a few StackOverflow threads with examples of how you might do this:

https://stackoverflow.com/questions/31498181/htaccess-redirect-directory-to-subdirectory
https://stackoverflow.com/questions...y-but-not-subdirectories-to-another-directory
https://stackoverflow.com/questions/6174098/htaccess-redirect-folder-to-another-folder

Thank you.
 

Sunlander

Well-Known Member
May 7, 2018
50
4
8
UK
cPanel Access Level
Root Administrator
Hi Michael thanks for responding.

I have been down the path of htaccess without success (yet). The very first examples in my opening thread actually work for others in their environments (the first on WAMP and the second on Ubunto). I thought it would be a simple case of finding out what that structure would need to be in Linux environment. However, I guess you are confirming that it would not work for sub folders of a domain? They seem to use virtual host and aliases.

I am not at all knowledgeable in this area
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello @Sunlander,

Can you verify which .htaccess rules you have tried? For instance, did you try the examples in all three of the links referenced in my last response?

Thank you.