SuExec is an absolute must no matter what!I'll be using my server for a starting web hosting company. I'm wondering if it's better to use PHPSuexec and Suexec from the beginning (or not to use it at all!).
This is completely untrue, in my experience. PHPsuexec prevents generic access to other people's information (ie passwords in PHP scripts), it makes it easily possible to limit and track spammers, and it makes exploit processes easily identifiable. That sounds like a win to me. Specifically what security problems did you think phpsuexec brought?Personally, I do not recommend phpSuExec because it cause more security problems
than it solves and it's advantages are limited because you can track usage of scripts
with more advanced logging (easy to setup) and don't really need PHP scripts to
be executed as the user ID if your concern is tracking script usage.
Suphp is also a great idea, although I have no experience with it. It's a pity cpanel don't integrate it into their Apache 1.3 installation as well.Now, if your are using Apache 2.x or 2.2.x then I will take the exact opposite argument
and recommend you go with SuPHP which provides the same functionality as phpSuExec
but doesn't have any of the additional security problems that phpSuExec brings!
|Thread starter||Similar threads||Forum||Replies||Date|
|B||phpSuExec turned on but user is "nobody"||Web Servers and Applications||2|
|F||Why use SuPHP and not PhpSuexEc ???||Web Servers and Applications||1|
|H||Upgrading older users to SUEXEC and PHPSUEXEC||Web Servers and Applications||1|
|M||setup PHPSuExec or suPHP||Web Servers and Applications||1|
|H||suPHP = phpsuexec||Web Servers and Applications||1|