The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Ea3 and secure php

Discussion in 'General Discussion' started by adapter, Nov 12, 2007.

  1. adapter

    adapter Well-Known Member
    PartnerNOC

    Joined:
    Sep 17, 2003
    Messages:
    391
    Likes Received:
    0
    Trophy Points:
    16
    Hi

    i have install a new box with Cpanel 11 and Apache 2.2 now i would try to use a secure php configuration, i have compile php with fastcgi but i dont see it in php -m and apache request still show "nobody" user, which ea setting i need to enable to get a good php conf?

    [PHP Modules]
    bcmath
    bz2
    calendar
    ctype
    curl
    date
    dbase
    dom
    exif
    filter
    ftp
    gd
    gettext
    hash
    iconv
    imap
    json
    libxml
    mbstring
    mcrypt
    mhash
    mime_magic
    mysql
    pcre
    posix
    Reflection
    session
    SimpleXML
    soap
    sockets
    SPL
    standard
    tokenizer
    xml
    xmlreader
    xmlrpc
    xmlwriter
    xsl
    zip
    zlib
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
  3. adapter

    adapter Well-Known Member
    PartnerNOC

    Joined:
    Sep 17, 2003
    Messages:
    391
    Likes Received:
    0
    Trophy Points:
    16
    thanks for the link, searching on the forum i have read that the better way is to use SuPhp + fastcgi but other people say that suphp take a lot of server resource, so what do u think that we need to use to get the php request with the userid of the account?
     
  4. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    * SNIPPED *

    Another issue can be if you have several thousand accounts serving PHP and now you have many more instances of SuPHP in memory than you really need to be there due to FastCGI. Keep in mind, FastCGI enhances performance by keeping instances of the interpreter in memory longer than it's really needed (in anticipation of a future request, so disk I/O of loading the interpreter is avoided). * SNIPPED *This may not be an ideal solution for those with many accounts or limited memory resources.

    In production, I haven't encountered noticeable sluggishness on the part of SuPHP and I personally like the security it provides. I have found myself thanking SuPHP from preventing scripts I was experimenting with from going too far in terms of messing with my permissions etc. I enjoy using it as a rudimentary filtering tool to filter the good PHP scripts from the not so good PHP scripts on accounts where I'm experimenting with PHP scripts I'm not familiar with.

    As a PHP guy myself, if it's my own server only running my own websites, I'd prefer to employ caching at the application level (if it's supported by the PHP application either natively or via a plugin like wp-cache for WordPress) rather than the server level, as application level caching can even avoid the need to use a PHP interpreter for most requests if set up correctly (as the output from PHP scripts is cached to static HTML/XML/etc.).

    EDIT: I've been kindly informed by the developers that SuPHP doesn't act like SuExec with regards to FastCGI Implementation.
     
    #4 cPanelDavidG, Nov 13, 2007
    Last edited: Nov 13, 2007
Loading...

Share This Page