The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to compile php as CGI via WHM? Currently running php as apache.

Discussion in 'Security' started by Smaily, Sep 19, 2011.

  1. Smaily

    Smaily Well-Known Member

    Joined:
    Sep 19, 2011
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    I have php compiled as apache. How can I compile php as CGI and what shall I do? - Beginner on this.
    May anything go wrong and could I reverse changes if it does? Eg need of backup before I do anything?
     
  2. milind

    milind Well-Known Member

    Joined:
    Jan 15, 2006
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Nasik (Maharashtra), India
    cPanel Access Level:
    Root Administrator
    to compile PHP as CGI go to WHM >> Service Configuration >> Configure PHP and SuExec. under Alter Configuration you will find PHP5 Handler (if you are running php 5) and select cgi from drop down. Save the configuration.
     
  3. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    I did want to ask why you would want to use CGI rather than either suPHP or FCGI? CGI is slower than suPHP and no more secure than it, while FCGI is faster than CGI and suPHP and FCGI is as secure. There is very little reason to use CGI any longer as the PHP handler in place of any of the other handlers that exist (suPHP, FCGI, DSO).
     
  4. Smaily

    Smaily Well-Known Member

    Joined:
    Sep 19, 2011
    Messages:
    46
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    I was told php as apache shall never ever be used because of vulnerabilities.
    Php as CGI was supposed to be secure and less attack able.

    Mainly had issues getting MySQL some kind of attacks against my server. Simply by running one website hackers were able to take down entire server by slowly growing it's resource usage. But at this point you might be right that suphp is good for permission protection and such attacks might not happen at all, I have started using it but yet still unsure if this will be enough or shall I move over to php as CGI.
     
Loading...

Share This Page