Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

Forums
Forums

Quick Links
- Search Forums
- New Posts
Search titles only

Posted by Member:

Separate names with a comma.

Newer Than:

Search this thread only

Search this forum only

Display results as threads

More...

Useful Searches

Recent Posts
Resources
Resources

Quick Links
Feature Requests
Defects
Menu

php source code is downloaded and not parsed by server

Discussion in 'General Discussion' started by walterdevos, Apr 30, 2011.

walterdevos Member

Joined:

Apr 30, 2011

Messages:

11

Likes Received:

0

Trophy Points:

51

Hi everyone. We recently setup a new VPS ( CentOS ) virtual server, and are now in the process of transferring accounts. Today we stumbled upon something that worries me.

When surfing to a recently moved account, we did not get to see a nice web-page, but the browser started downloading a file, called "download", without extension. When opened in notepad, the file contained the source php code of the index.php file. The server handled the php file as if it were just a file.

We could reproduce this behavior when we moved accounts that had the option "The PHP file extention will be processed by ... " set to PHP5 in the Php Configuration. On the new VPS, we could not set this option. Only after changing the option to "System default" on the old server and then transferring the account again, the php files were parsed and the website showed.

Old server (shared hosting - cPannel 11.28.52
New server ( VPS - WHM 11.28.87 / CentOS 5.6 )

I'm not sure if this is "by design" or what config files we could have edited to cure the account. Re-transferring it after setting the option at the source did work for us. But my questions are:

Is this a security hole? Can this be fixed without doing the transfer again.

thanks

#1 walterdevos, Apr 30, 2011
cPanelTristan Quality Assurance Analyst Staff Member

Joined:

Oct 2, 2010

Messages:

7,606

Likes Received:

33

Trophy Points:

238

Location:

somewhere over the rainbow

cPanel Access Level:

Root Administrator

I'm not entirely certain I understand what was set on the old machine to change before moving the account. Normally, PHP files won't be properly parsed if you have not set the PHP handler in WHM > Apache Configuration > PHP and SuExec Configuration area on a machine.

You shouldn't need to re-transfer the accounts. You just need to determine the right PHP handler for the accounts to use so they work properly. If you cannot do so and do have root SSH and root WHM access on the new machine, please open up a ticket in WHM > Support Center > Contact cPanel.

As for being a security hole, it would be a security setup issue if you don't set the PHP handler and PHP files don't properly parse and download. It isn't an issue with most machines because they properly set the PHP handler to work, so it isn't actually a security hole in and of itself. It's a security setup issue with how your PHP handler is being parsed on your machine.

cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
-- Tristan, Technical Analyst III, Forums Specialist, cPanel Tech Support

Submit a ticket | Check an existing ticket

Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

#2 cPanelTristan, May 2, 2011

(You must log in or sign up to post here.)

Loading...

Similar Threads - source code downloaded

Installing modified source code in EasyApache4

cgibinux, Sep 1, 2018, in forum: EasyApache

Replies:

1

Views:

231

cPanelLauren

Sep 3, 2018
Excessive resource usage email

kitkit85, May 15, 2019, in forum: Security

Replies:

5

Views:

96

Infopro

May 16, 2019 at 11:50 AM
How to find the source of this email

psytanium, May 15, 2019, in forum: E-mail Discussion

Replies:

11

Views:

341

cPanelLauren

May 17, 2019 at 3:59 PM
Monitor resource usage per user

behinam, May 10, 2019, in forum: Workarounds and Optimization

Replies:

3

Views:

109

cPanelMichael

May 15, 2019
Excessive resource usage mails

pasargad, May 8, 2019, in forum: General Discussion

Replies:

2

Views:

278

LucasRolff

May 9, 2019

Share This Page

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn More...

Dismiss Notice