need help after easyapache update

[ladydi711]

I ran the easyapache (selected option 2) last night.

This morning one of my customers calls that his scripts are not working. Specifically the $PHP_AUTH_USER and $PHP_AUTH_PW variables.

I am also getting a warning on one of my osCommerce sites since the update: Warning: I am able to write to the configuration file: /home/supprod/public_html/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

Can someone point me in the right direction?

 

[anand]

Originally posted by ladydi711
I ran the easyapache (selected option 2) last night.

This morning one of my customers calls that his scripts are not working. Specifically the $PHP_AUTH_USER and $PHP_AUTH_PW variables.

I am also getting a warning on one of my osCommerce sites since the update: Warning: I am able to write to the configuration file: /home/supprod/public_html/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

Can someone point me in the right direction?

Did you try to manually select the php modules and compile it ??

 

[ladydi711]

For now I've re-run easyapache and used option 1 (no phpsuexec). It seems that phpsuexec is the "problem", but I do not have enough experience to fully understand why.

At some point I would like to re-visit this... but it makes me a bit gun-shy about updates

 

[anand]

Originally posted by ladydi711
For now I've re-run easyapache and used option 1 (no phpsuexec). It seems that phpsuexec is the "problem", but I do not have enough experience to fully understand why.

At some point I would like to re-visit this... but it makes me a bit gun-shy about updates

Well there have been times when phpsuexec has broken scripts. As i know phpsuexec is not 100% compatible with all scripts.

Probably you should hire someone else to do it for you and meanwhile check on that script's forums/ support where things went wrong.

 

[Annette]

I am also getting a warning on one of my osCommerce sites since the update: Warning: I am able to write to the configuration file: /home/supprod/public_html/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

Once you enable phpsuexec, scripting issues of this nature are the same as dealing with any CGI script. The permissions (and ownership) must be set properly. The above message likely means that the config script is probably 777 or 644, and needs to be reset so that only the script owner can write to it. This avoids the potential for abuse of the config and disruption of the site (or server).

That said, phpsuexec is not for everyone, and can be a headache to deal with post-enabling. If you're going that route, you should plan it well in advance, have some ready-made answers available for certain types of issues (people who use php overrides in their .htaccess files will need to switch to php.ini, for instance), and be ready to deal with things that break afterwards - since something always breaks, usually due to permissions/ownership needing to be changed.

 

[Nico]

The latest Apache update killed httpd on our server today.

pid file /usr/local/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?

Config test shows no errors - reboot did not change and a recompile from SSH and WHM both result in httpd not starting.

Any ideas?

 

[Annette]

What does tailing /usr/local/apache/logs/error_log show when you restart apache and try to access a site on the server? The unclean shutdown item is fairly common on cPanel servers and in itself is not indicative of a problem with apache per se.

 

[Nico]

It's fixed now. That's all it showed in the error_log... A recompile from expert mode got it going. Thanks to Adam Wien with Cpanel support.

 

[ladydi711]

Originally posted by anand
Well there have been times when phpsuexec has broken scripts. As i know phpsuexec is not 100% compatible with all scripts.

Probably you should hire someone else to do it for you and meanwhile check on that script's forums/ support where things went wrong.

Thanks for all comments on this. I did find the osCommerce problem; that was an easy permissions issue to find.

The $PHP_AUTH_USER and $PHP_AUTH_PW variables being blank is one I couldn't figure. It is a custom app (by my customer!) so he is the only "forum" support. Removing phpsuexec made it all better

But now, acording to my glaring red WHM, it looks like I need to do another easyapache update!

Thanks again,
Diane