Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_ruid2 with php-fpm

Discussion in 'EasyApache' started by SactoBob, Jun 26, 2017.

  1. SactoBob

    SactoBob Member

    Joined:
    Aug 15, 2015
    Messages:
    15
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Sacramento
    cPanel Access Level:
    DataCenter Provider
    I couldn't find an exact answer regarding this. Are mod_ruid2 with php-fpm compatible? When I go to the php manager section, I get an informational box wanting me to install php-fpm, which from my understanding is more efficient as well the php via cgi? I'd like to install that, but I don't want to give up the "run as user" and jail environment.

    -SactoBob
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Yes, you can use PHP-FPM with Mod_Ruid2 and the "Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell." option in "WHM >> Tweak Settings".

    Thank you.
     
  3. linuxman1

    linuxman1 Registered

    Joined:
    Aug 25, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    But what will be the benefits? will Jail Apache protect the server's file system from attacks coming via Virtual hosts PHP compromised sites when we use Jail Apache with anything but DSO?
    As I read once on Cpanel docs that we must use Jail Apache, mod_ruid2 with DSO to gain benefits, also I tried it my self, through PHP on a compromized web site I could browse the whole /etc although the Jail Apache was active with ruid2, and Cpanel Advisor says every thing is fine, but when I used DSO+openbase_dir protection, the tries failed to reach anything out side the home of the user.
    So I wish to use PHP-FPM on Cpanel instead of DSO, but only because of this security issue, I can't, do you have any advice?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,425
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    To clarify from my last response, you can have PHP-FPM installed on the server along with DSO/Ruid2. That said, while you can have both readily available for use with your accounts, you can't actually use PHP-FPM and Ruid2 at the same time for a domain name. You'd have to use one or the other for each domain name (e.g. enabling PHP-FPM for a domain name disables DSO/Ruid2 for that domain name).

    If you are open to using CloudLinux, there's a thread here you may find helpful:

    Cloudlinux, EA4 and PHP Handlers. Impossible Triangle?

    Thank you.
     
Loading...

Share This Page