The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

permissions and ownership of public_html...

Discussion in 'General Discussion' started by sopya, Aug 19, 2013.

  1. sopya

    sopya Member

    Joined:
    Apr 27, 2012
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello,

    When we set 755 permission and ownership user:user to public_html site is working. Also when we set 750 and user:nobody to public_html site is working.

    Yes, we do have suPHP installed.

    My question is why above 2 scenario works?

    suPHP configuration is as following.

    Code:
    ====================================
    ; This file is parse anew by suPHP for each request
    ; rather than being loaded once.
    
    [global]
    ;Path to logfile
    logfile=/usr/local/apache/logs/suphp_log
    
    
    ;Loglevel
    loglevel=info
    
    
    ;User Apache is running as
    ; MANDATORY
    webserver_user=nobody
    
    
    ; Path all scripts have to be in
    ; This works as a prefix when a trailing slash is not specified.
    ; e.g. /home will match /home /home2 /home3 etc While /home/ will only match /home/
    ;
    ; Changing this to a more specific path will improve security
    docroot=/
    
    
    ;Path to chroot() to before executing script
    ;chroot=/home
    
    
    ; Security options
    allow_file_group_writeable=false
    allow_file_others_writeable=false
    allow_directory_group_writeable=false
    allow_directory_others_writeable=false
    
    
    ; Check whether script is within DOCUMENT_ROOT
    ; Does NOT perform this check on included scripts.
    ; i.e. include_once("/test3.php"); works even though it's in the root directory
    ;
    ; Changing this to true will improve security but make all php userdir requests fail
    check_vhost_docroot=false
    
    
    ; Allow the user and group specified by a ~userdir request to override the
    ; suPHP_UserGroup directive inside the source virtualhost
    ;
    ; Changing this to false will improve security but make some types of php userdir
    ; requests fail
    userdir_overrides_usergroup=true
    
    
    ; suPHP Paranoid mode checks that the target script UID and GID match
    ; the UID and GID of the user running the script.  To disable these
    ; checks change the following values to false.  Without these checks, mod_suphp
    ; is effectively running in "Force" mode.
    paranoid_uid_check=true
    paranoid_gid_check=true
    
    
    ;Send minor error messages to browser
    errors_to_browser=false
    
    
    ;PATH environment variable
    env_path="/bin:/usr/bin"
    
    
    ;Umask to set, specify in octal notation
    umask=0022
    
    
    ; Minimum UID
    ;min_uid=100
    
    
    ; Minimum GID
    ;min_gid=100
    
    ; Normally suPHP only displays the PHP binary in process lists (ps aux).
    ; Setting this option to 'true' will cause suPHP to display both the
    ; PHP binary and the script filename.
    full_php_process_display=true
    
    
    [handlers]
    ;Handler for php-scripts
    application/x-httpd-php="php:/usr/bin/php"
    application/x-httpd-php4="php:/usr/php4/bin/php"
    application/x-httpd-php5="php:/usr/bin/php"
    
    ;Handler for CGI-scripts
    ;x-suphp-cgi="execute:!self"
    
    [phprc_paths]
    ;Uncommenting these will force all requests to that handler to use the php.ini
    ;in the specified directory regardless of suPHP_ConfigPath settings.
    ;application/x-httpd-php=/usr/local/lib/
    ;application/x-httpd-php4=/usr/local/php4/lib/
    ;application/x-httpd-php5=/usr/local/lib/
    
    
    ; EasyApache 3 checks the following value to determine wether or not
    ; your suphp.conf is up to date.  Removing it will cause this file
    ; to be replaced the next time EasyApache is run
    ;
    ; cPanel suphp.conf version -- 47
    ================================================
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    The following permissions/ownership values are configured for the public_html directory during account creation when suPHP is enabled:

    Permissions: 0750
    Ownership: Username:Nobody

    This changes to the following when you have mod_ruid2 enabled:

    Permissions: 0750
    Ownership: Username:Username

    While alternate permissions/ownership may not produce error messages, it's not recommended that you modify them because cPanel configures the recommended values by default.

    Thank you.
     
Loading...

Share This Page