The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

php.ini per dir with php running as cgi

Discussion in 'General Discussion' started by vesko, Dec 13, 2007.

  1. vesko

    vesko Registered

    Joined:
    Dec 13, 2007
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    Because of security concerns I'm running php as CGI+suexec instead as a module. How in this configuration I can have a php.ini per dir (or at least php.ini per virtual host)? I tried to replace the /usr/local/scripts/cgi-bin/php5 with a wrapper (intending to use the PHPRC variable) but immediately run into suexec security restrictions. Before continuing the struggle with the wrapper & suexec I decided to ask here:
    Is there a way using WHM to set this, or any other "canonical" way to do it?
    Any hints are welcome.
     
    #1 vesko, Dec 13, 2007
    Last edited: Dec 13, 2007
  2. sabarishks

    sabarishks Active Member

    Joined:
    Jun 29, 2007
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    Try this...

    1. Moving php5 binary:

    mv /usr/local/cpanel/cgi-sys/php5 /usr/local/cpanel/cgi-sys/php5.bin

    2. Then creating wrapper file in the /usr/local/cpanel/cgi-sys/php5 with the following content:

    #!/bin/bash

    # This will fake the name & path and hide the /usr/local/cpanel/cgi-sys/php5 path!
    export SCRIPT_NAME=$REQUEST_URI
    export SCRIPT_FILENAME=$PATH_TRANSLATED
    export PWD=$DOCUMENT_ROOT

    if [ -f "$DOCUMENT_ROOT/php.ini" ]; then
    exec /usr/local/cpanel/cgi-sys/php5.bin -c $DOCUMENT_ROOT
    else
    exec /usr/local/cpanel/cgi-sys/php5.bin
    fi

    3. Save the file and change the permissons:

    chown root:wheel /usr/local/cpanel/cgi-sys/php5*;
    chmod 755 /usr/local/cpanel/cgi-sys/php5*;
     
  3. kenashkov

    kenashkov Active Member

    Joined:
    Nov 23, 2006
    Messages:
    33
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Sofia, Bulgaria
    cPanel Access Level:
    Root Administrator
    Hi,
    I managet to get it working per virtual host with this wrapper (I also came up to the idea that it has to be chowned to root/wheel :) ):
    Code:
    #!/bin/sh
    user=`whoami`
    export PHPRC=/home/$user/public_html
    exec /usr/local/cpanel/cgi-sys/php5bin
    I reworked your wrapper to look like this:
    Code:
    #!/bin/bash
    
    # This will fake the name & path and hide the /usr/local/cpanel/cgi-sys/php5 path!
    export PWD=$DOCUMENT_ROOT
    
    export PHPRC=`dirname $PATH_TRANSLATED`/php.ini
    
    exec /usr/local/cpanel/cgi-sys/php5bin
    The PWD has to be exported to hide the path.
    I prefer to use the PHPRC, because it will just look in the specified directory for php.ini, because with the '-c' you have to first check does the files exists (as you do in your example).
     
  4. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Use mod_suphp. It will give you what you want, without having to jump through hoops with fragile wrappers.
     
Loading...

Share This Page