The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

EasyApache Option 6

Discussion in 'EasyApache' started by Nymph, Jun 18, 2003.

  1. Nymph

    Nymph Member

    Joined:
    Jun 17, 2003
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Here is what I figure the settings should be for a regular server. I was wondering if anyone had any suggestions that might be better than this. I been looking all over for information on each of the options but have not found a page for that. If anyone has any suggestions please let me know so I can recompile! I fixed it up with people's comments...

    Code:
    [ ] Attach Module (not frontpage compatible)
    [ ] Mysql Auth Module (not frontpage or php compatible
    [*] ~user bandwidth leech protection
    [ ] Dav Module
    [ ] Expires Module
    [*] Raise FD_SETSIZE to 16384 (System Wide)
    [*] Frontpage Module
    [*] Raise HARD_SERVER_LIMIT
    [ ] Perl Module (not required to run .cgi scripts/not
    Php Module --->
        [*] Php Module
        ( ) Downgrade to version 4.2.2
        ( ) Downgrade to version 4.2.3
        (*) Downgrade to version 4.3.1
        (*) Bc Math
        (*) Calendar Support
        ( ) Curl
        ( ) Curl SSL Support
        (*) Flash
        (*) FTP
        (*) GD
        (*) Imap Module
        (*) Mb String
        (*) Mcrypt
        ( ) Ming Support
        ( ) Magic Quotes
        (*) Mysql Module
        ( ) PDFlib (requires licensed, installed version)
        (*) Pear
        ( ) Postgresql (Postgres must be installed)
        ( ) Sablot XSLT [may cause problems with chili!as
        ( ) SafeMode
        (*) Sockets
        (*) Track Vars
        (*) Freetype Support
        (*) Versioning
        (*) Zlib
    [*] PHP suEXEC Support (not yet compatible with 4.3.2)
    [*] Rewrite Module
    [ ] Roaming Module (for netscape 4.5+)
    [*] SSL Module
    [*] suEXEC Module
    
     
    #1 Nymph, Jun 18, 2003
    Last edited: Jun 18, 2003
  2. ciphervendor

    ciphervendor Well-Known Member

    Joined:
    Aug 26, 2002
    Messages:
    1,052
    Likes Received:
    0
    Trophy Points:
    36
    Looks good, you may want to add:

    ( ) Curl
    ( ) Curl SSL Support

    Sometimes used for secure transactions, etc. mbstring would be a good addition as well. FrontPage module might be good as well, depending on who is using the machine.

    cPanel.net Support Ticket Number:
     
  3. Nymph

    Nymph Member

    Joined:
    Jun 17, 2003
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Thanks, I updated the list for people who might not know better like moi ;)... At least it gives people a small guideline...

    cPanel.net Support Ticket Number:
     
  4. ciphervendor

    ciphervendor Well-Known Member

    Joined:
    Aug 26, 2002
    Messages:
    1,052
    Likes Received:
    0
    Trophy Points:
    36
    I missed one. Some PHP people like to create flash on demand, so you should include Ming Support as well.

    cPanel.net Support Ticket Number:
     
  5. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    16
    ( ) SafeMode

    will this set Safe Mode to off? ( if not marked )

    cPanel.net Support Ticket Number:
     
  6. ciphervendor

    ciphervendor Well-Known Member

    Joined:
    Aug 26, 2002
    Messages:
    1,052
    Likes Received:
    0
    Trophy Points:
    36
    Yes.
     
  7. carlgm

    carlgm Well-Known Member

    Joined:
    Mar 25, 2003
    Messages:
    103
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    England, UK
    Here you go:

    Code:
    [ ] Attach Module (not frontpage compatible)
    [ ] Mysql Auth Module (not frontpage or php compatible
    [*] ~user bandwidth leech protection
    [ ] Dav Module
    [ ] Expires Module
    [*] Raise FD_SETSIZE to 16384 (System Wide)
    [*] Frontpage Module
    [*] Raise HARD_SERVER_LIMIT
    [ ] Perl Module (not required to run .cgi scripts/not
    Php Module --->
        [*] Php Module
        ( ) Downgrade to version 4.2.2
        ( ) Downgrade to version 4.2.3
        ( ) Downgrade to version 4.3.1
        (*) Bc Math
        (*) Calendar Support
        ( ) Curl
        ( ) Curl SSL Support
        (*) Flash
        (*) FTP
        (*) GD
        (*) Imap Module
        ( ) Mb String
        (*) Mcrypt
        ( ) Ming Support
        ( ) Magic Quotes
        (*) Mysql Module
        ( ) PDFlib (requires licensed, installed version)
        (*) Pear
        ( ) Postgresql (Postgres must be installed)
        ( ) Sablot XSLT [may cause problems with chili!as
        ( ) SafeMode
        (*) Sockets
        (*) Track Vars
        (*) Freetype Support
        (*) Versioning
        (*) Zlib
    [ ] PHP suEXEC Support (not yet compatible with 4.3.2)
    [*] Rewrite Module
    [ ] Roaming Module (for netscape 4.5+)
    [*] SSL Module
    [*] suEXEC Module
    
    I removed MB script and Ming as it's noted need unless you specifically require it.

    I removed Magic quotes as it shouldn't be enabled to start with.

    also, removed Curl as it doesn't support 4.3.2 as far as I know as of yet.

    Removed phpsuexec as that is a waste of time at the moment and doesn't support 4.3.2 also.

    Also removed the downgrade to 4.3.1 :)

    cPanel.net Support Ticket Number:
     
    #7 carlgm, Jun 18, 2003
    Last edited: Jun 18, 2003
  8. Pda0

    Pda0 Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    6
    I think you should enable php suexec, its a good security measure. (-> And downgrade to 4.3.1)

    .pd

    cPanel.net Support Ticket Number:
     
  9. carlgm

    carlgm Well-Known Member

    Joined:
    Mar 25, 2003
    Messages:
    103
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    England, UK
    No. phpsuexec just forces you to run 755+ which I do not accept as being "good".

    I would suggest adding openbase_dir to each account to lock them into their root dir, which you must set. Also disabling register globals is a smart move. :)

    cPanel.net Support Ticket Number:


    EDIT/

    Also, downgrading to 4.3.1 when 4.3.2 contains so many bug fixes isn't "good" or "wise" either.
     
  10. Faldran

    Faldran Well-Known Member

    Joined:
    May 28, 2002
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    16
    Just wanted to say, phpsuexec does not require you to run 755 it only requires 644 and it does not allow you to run as 777 or the directory set at 777 either, which I think is a good thing.

    cPanel.net Support Ticket Number:
     
  11. nocwiz

    nocwiz Registered

    Joined:
    Jun 18, 2003
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Ok, I ran this last night with the first posts recommended setup and now all my PHP files give an Internal Server Error. Any ideas how to fix this?

    cPanel.net Support Ticket Number:
     
  12. Pda0

    Pda0 Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    6
    Unless you are using a chrooted enviroment, I think suexec is a must. PHP scripts should be called with its owner's uid/gid in order to encapsulate danger in the owner's account only, imho.

    .pd

    cPanel.net Support Ticket Number:
     
  13. carlgm

    carlgm Well-Known Member

    Joined:
    Mar 25, 2003
    Messages:
    103
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    England, UK
    PHPsuexec is a very screwy at the moment.
    I would NOT recommend using it in a production set-up YET.

    cPanel.net Support Ticket Number:
     
  14. wwwhosts

    wwwhosts Well-Known Member

    Joined:
    Apr 25, 2003
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    NZ
    is phpsuexec stable enough to use with php 4.2.3 ?

    :)

    cPanel.net Support Ticket Number:
     
  15. Pda0

    Pda0 Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    6
    Ive been using it with STABLE cpanel7... no problems so far.

    .pd

    cPanel.net Support Ticket Number:
     
  16. jameshsi

    jameshsi Well-Known Member

    Joined:
    Oct 22, 2001
    Messages:
    347
    Likes Received:
    0
    Trophy Points:
    16
    OK, I have red this topic , and some of you recommend we install php suEXEC, some not, I am confused.
    Tell me if I wrong:
    1. If I change to php suEXEC, I will need to change some directory I used before from 777 to 755, and all the files in that directory that used to be 777 and create by "nobody" need to change owner to the owner of that account.
    (We have some files upload scripts we create in the past was using "nobody" to write the files uploaded, if we change to php suEXEC, we need to do some chmod and chown command. right ?)

    2. If we want to command some scripts directly (like scripts in /scripts ), after php suEXEC installed we just need to chown the php script that calling the scripts in /scripts/ to "root", right ?

    3. If we change to php suEXEC, is there any way we can change it back if we feel don't like it.

    4. We need to downgrade to version 4.2.3 of php to have php suEXEC works fine, right ?

    5. We don't need to change all the php scripts to 755.


    Thanks for your time.

    cPanel.net Support Ticket Number:
     
  17. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    I see a few new options in there on Option 6. Anyone know what the following mean?

    Use System Mysql ,-not same as mySQL module
    opemSSL support ,-never seen this one .. on cPanel box, we need this right?

    cPanel.net Support Ticket Number:
     
  18. zenpig66

    zenpig66 Active Member

    Joined:
    Nov 16, 2002
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    I normally do PHP from source and the PHP mysql api is one reason I do this...I use MySQL 4.x and PHP's internal mysql api is 3.x. I imagine, though not positive, that Use System Mysql would be equivalent to --with-mysql=/usr where the 'normal' option would be --with-mysql..the later uses PHP's api and the former uses MySQL's.

    btw, forgive me if this has been discussed here for I'm just perusing, but it's thought that PHP5 when it is released will no longer include an internal mysql api and instead has to be configured to use MySQL's own.

    cPanel.net Support Ticket Number:
     
  19. zenpig66

    zenpig66 Active Member

    Joined:
    Nov 16, 2002
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    arg, double post...don't know about the other one, btw :)
     
  20. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    [ ] Expires Module
    [*] Raise FD_SETSIZE to 16384 (System Wide)
    [*] Prevent Users from reading other webroots
    [*] Frontpage Module
    [ ] Gzip module
    [*] Raise HARD_SERVER_LIMIT
    [ ] Perl Module (not required to run .cgi scripts/not
    [ ] PHP suEXEC Support
    [*] Rewrite Module
    [*] SSL Module
    [*] suEXEC Module
    Php Module --->
    [*] Php Module
    ( ) Downgrade to version 4.*.*
    (*) Bc Math
    (*) Calendar Support
    (*) Curl
    (*) Curl SSL Support
    ( ) Dom XSLT
    (*) Flash
    (*) FTP
    (*) GD
    (*) GetText
    (*) Imap Module
    (*) Mb String
    (*) Mcrypt
    ( ) Mhash
    ( ) Ming Support
    (*) Magic Quotes
    (*) Mysql Module
    (*) Opensl Support
    ( ) PDFlib (requires licensed, installed version)
    (*) Pear
    (*) Postgresql (Postgres must be installed)
    ( ) Pspell Module
    ( ) Sablot XSLT [may cause problems with chili!as
    ( ) SafeMode
    (*) Sockets
    (*) Track Vars
    (*) Use system MySQL
    (*) Freetype Support
    (*) Versioning
    ( ) WDDX
    (*) Zlib

    I am doing this as of now...

    Some of them I am not sure about,

    cPanel.net Support Ticket Number:
     
Loading...

Share This Page