PHP can't write files

[Ryan_G]

I have an issue where PHP should generate a PDF in a folder called 'invoices' when a customer completes a purchase. This was working fine and then stopped without any changes to the PHP scripts.

After a bit of investigation (see this stack overflow thread for the details) it seems that the problem is that the PHP is not able to write due to file ownership issues. Files cannot be generated when the folder has ownership 'cpanelusername:cpanelusername' but are successfully generated when the folder has ownership 'nobody:cpanelusername'. However, the correct ownership of folders needs to be 'cpanelusername:cpanelusername'.

I have been recommended that I add 'nobody' to the 'cpanelusername' group so that PHP is then part of this group.

So a few questions:

Is this likely the correct solution and are their any security issues with doing this?

How do I check what members already exist in the 'cpanelusername' group? Note I can just about use WHM terminal with step-by-step instructions.

How do I add 'nobody' to the 'cpanelusername' group using WHM terminal?

Thanks for your help

 

[cPRex]

Hey there! I don't think that is the correct solution. The better solution would be to ensure you're processing PHP as the user, and not as nobody. This can be done by adjusting the Apache handler (suphp, lsapi, CGI with suexec). You can find more details about the differences in PHP handler here:

PHP Handlers | cPanel & WHM Documentation

PHP handlers contain libraries that the Apache web server uses to interpret and run PHP code.

docs.cpanel.net

 

[Ryan_G]

Thanks for getting back to me. One issue I have with changing to SuPHP is that the site is very complex and has been working successfully for years with PHP as nobody (it's a VPS with one site and me being the only user) so I don't want to change anything major as I'm worried it will break other things.

 

[cPRex]

If that's the case, it will almost certainly break things, but it's better to break them when you're ready for it than when it is unexpected.

I'd just plan to do that work during non-peak hours for the site, but you can always switch back to your current handler if you can't fix any issues that may come up.

 

[Ryan_G]

If it's likely to break things I don't think I can go down that road - the site monitors a large number of customers' websites and sends over 5000 HTTP requests every minute, 24/7 so there is no real off-peak.

Ideally I just want to find (or make a best estimate) as to what has changed to prevent PHP generating the files and fix it.

 

[cPRex]

Have you made any updates recently? What version of PHP are you using?

 

[Ryan_G]

I haven't made any updates recently - this actually happened months ago and it was a while before I noticed it. Since then I have just put a workaround in place manually generating the invoices but that's becoming inconvenient.

The PHP version is 7.0 - I know this is outdated but this is a side project and I don't have much time to work on it.

 

[cPRex]

It sounds like it might be time to overhaul the site in general.

If all your permissions are 644 for files and 755 for directories, and everything is owned by user:user, I don't see why changing the handler *should* break anything. Any other workarounds are just that - workarounds - and could cause unexpected behavior in the future. I'm sorry I don't have a quicker fix available, but if the handler change does break things it's just a matter of running EasyApache again to put the old one back.

 

[Ryan_G]

OK thanks for the info - appreciate it.