phpsuEXEC - causes 500 errors on some sites

trigger hippy

Member
Dec 2, 2005
16
0
151
Bristol, UK
I have just rebuilt apache (via WHM) to include phpsuEXEC. (I used to have it running, but during recent rebuild, I forgot to check it when I added openSSL)

A number of my sites just get a 500 error with phpsuEXEC. They used to work fine, but now apparently not. I have had to rebuild without phpsuEXEC as I can't have all my sites offline until I have sorted this.

This is an exerpt form suEXEC log
Code:
[2006-04-03 19:32:36]: info: (target/actual) uid: (tourname/tourname) gid: (tourname/tourname) cmd: index.php
[2006-04-03 19:32:36]: error: file has no execute permission: (/home/tourname/public_html/index.php)
the file in question /home/tourname/public_html/index.php is;
Code:
-rwxr-xr-x  1 tourname tourname  2252 Apr  3 19:42 index.php*
the public_html folder is;
Code:
drwxr-x---   9 tourname nobody   4096 Apr  3 19:53 public_html/
I used dreamweaver to upload the files, it was all working before, so I am not sure how the file could have been uploaded in the wrong format. Is there any way to check?

I ran 'Fix Insecure Permissions' via WHM.

Anone got any ideas?
 

Murtaza_t

Well-Known Member
Jan 24, 2005
476
0
166
Earth
cPanel Access Level
Website Owner
Is PhpSuexe still enable ? If yes then go to .htaccess in the public_html folder and comment all the line that has php flag in it and then try browsing your site again.
 

JoeB

Registered
Dec 6, 2003
3
0
151
Try setting all file permissions to 644 and directory permissions to 755. Since php will run as the user the 644 files will run. Also make sure you don't have any php lines in any .htaccess files as previously stated.

I turned on phpsuexec and after a bit of tweaking all is running well now.

Good luck!
 

tuxdesk

Well-Known Member
Oct 1, 2005
86
0
156
Hi,

Please check the php module is properly loaded with apache.
 

webignition

Well-Known Member
Jan 22, 2005
1,880
0
166
Just to add a bit of a checklist and summary of what is needed:

1. Script permission and ownership
Script should be owned by user:user and should, generally, have permissions of 0644.

2. Directory permissions and ownership (not including public_html)
A script's directory should be owned by user:user and have permisssions of 0755.

3. .htaccess
Remove any php-related settings from within .htaccess files. These will always cause an HTTP 500 response.

4. CRLFs (carriage returns and line feeds)
Windows-based editors will commonly end lines with CRLF and *nix generally prefers just LF. Sometimes, but not always, CRLF line breaks will cause PHP in CGI mode to be unhappy. CRLF line breaks will always cause mail piped to PHP scripts to fail and return error 127.

You mention you're using Dreamweaver. In DW 8, go to Edit > Preferences > Code Format > Line Break Type > and select 'LF (Unix)'. This will help for the future, but won't help with scripts that already have CRLF line breaks.

To fix CRLF line breaks, use the dos2unix tool on the affected scripts:

dos2unix /home/user/path/to/script

Once a script is fixed and confirmed working, download a fresh copy of it to your machine as the one on your machine may still have CRLF line breaks.
 

trigger hippy

Member
Dec 2, 2005
16
0
151
Bristol, UK
permissions

I hope I am not being stupid, but in the original example - I have shown the perms on the files/folders. Is there anything wrong with this?

They are as people are suggesting aren't they?
 

Murtaza_t

Well-Known Member
Jan 24, 2005
476
0
166
Earth
cPanel Access Level
Website Owner
sawbuck said:
Your original example for index.php shows perms as 655 not 644.

644 would be -rwxr--r--
I think you have been making a mistake, the original post does have 755 permission on index.php file

and

644 would be -rw-r--r--
and not -rwxr--r-- thats 744

Mean while trigger hippy did you check the .htaccess file?
 

trigger hippy

Member
Dec 2, 2005
16
0
151
Bristol, UK
Still struggling with this one....

It is a slow process as I have to keep recompiling apache to test anything (at offpeak times)

Feedback on a few suggestions...

My .htaccess files only contain commands similar to the following;

ErrorDocument 404 /404.php

or

AuthUserFile /home/resources/.adminpasswd
AuthGroupFile /dev/null
AuthName "This Area is Restricted to TradeInternet Techncial Support Administrators"
AuthType Basic
require valid-user

Are these OK?


Re permissions...
I tried 644 and it didn't help, but phpsuEXEC log is complaining about not having execute permissions (e.g. [2006-04-08 14:34:30]: error: file has no execute permission: (/home/adjustor/public_html/index.php) ).
644 doesn't give owner execute permissions, so I guess 755 would be better.

I think I need to change all permissions inside my home directory to 755 - is there a quick way of doing this, I tried chmod 755 *.php -R (in home), but it didn't like it.

I am still welcoming all help!
 

trigger hippy

Member
Dec 2, 2005
16
0
151
Bristol, UK
more testing

After more testing, I have decided it has nopthing to do with permissions as I have a number of different sites that do work and a number of sites that don't work and they all have the same (and different perms)

Example 1 (does work):
/home/azimuthp/public_html/...

-rwxr-xr-x 1 azimuthp azimuthp 4457 Apr 3 09:32 index.php

<VirtualHost 80.175.30.22>
ServerAlias azimuthprint.co.uk
ServerAdmin [email protected]
DocumentRoot /home/azimuthp/public_html
BytesLog domlogs/azimuthprint.co.uk-bytes_log
User azimuthp
Group azimuthp
ServerName www.azimuthprint.co.uk

User azimuthp
Group azimuthp
CustomLog /usr/local/apache/domlogs/azimuthprint.co.uk combined
Options -ExecCGI -Includes
</VirtualHost>
Example 2 (doesn't work):
/home/tps/public_html/...

-rwxr-xr-x 1 tps tps 11142 Mar 30 08:59 index.php

<VirtualHost 80.175.30.22>
ServerAlias tradeprintsupplies.co.uk
ServerAdmin [email protected]
DocumentRoot /home/tps/public_html
BytesLog domlogs/tradeprintsupplies.co.uk-bytes_log
User tps
Group tps
ServerName www.tradeprintsupplies.co.uk
ServerAlias tradeprintsupplies.com www.tradeprintsupplies.com

User tps
Group tps
CustomLog /usr/local/apache/domlogs/tradeprintsupplies.co.uk combined
Options -ExecCGI -Includes
</VirtualHost>
Does that help anyone suggest anything?
 

RizyDeWino

Well-Known Member
Aug 1, 2005
74
0
156
Planet Earth
One more question

Its a related issue , so I am asking my question here , lets see if some one can help :

Scenario : Moving account from 'php as Apache module' server to 'php as cgi - phpsuEXEC' server. The account contains following line in its .htaccess file :

AddType application/x-httpd-php .htm .html

to make the .htm and .html file render as php , but on new server 'php as cgi' it gives internal server error ,
My question is where should this settings be done for the account on new server ?

I will appreciate if any one can help.
 

webignition

Well-Known Member
Jan 22, 2005
1,880
0
166
RizyDeWino said:
The account contains following line in its .htaccess file :

AddType application/x-httpd-php .htm .html

to make the .htm and .html file render as php , but on new server 'php as cgi' it gives internal server error ,
My question is where should this settings be done for the account on new server ?
With phpsuexec enabled, Apache no longer deals with PHP directly and so this is probably not possible.

What I'd like to know is why do you want .htm and .html files rendered as PHP files?
 

trigger hippy

Member
Dec 2, 2005
16
0
151
Bristol, UK
More...

I have also tried convertin all files using dos2unix. Deleting and re-uploading. None of the above worked.

A few people have mentioned that you should check if the module is installed properly... How do I check this?

Could there be any conflicts between phpsuEXEC and another module?
 

RizyDeWino

Well-Known Member
Aug 1, 2005
74
0
156
Planet Earth
webignition said:
With phpsuexec enabled, Apache no longer deals with PHP directly and so this is probably not possible.

What I'd like to know is why do you want .htm and .html files rendered as PHP files?
Its for one of our clients who already has hunderds of pages (.htm and .html) bieng rendered as php and we cant ask him to change all those.

But I have found a solution from one of our Senior Techs now , and it was simple :

Chanage

AddType application/x-httpd-php .htm .html

With

AddHandler application/x-httpd-php .htm .html

Hopefully this will save other's time facing this issue.
 
Last edited:

trigger hippy

Member
Dec 2, 2005
16
0
151
Bristol, UK
Unsatisfying solution...

It looks like people have run out of suggestions, however the problem seems to have solved itself. The only catch is I don't know how!

After reading through a few more log entries, and editing a script slightly on one site, rebuilding a few times, it all suddenly just started working.

I did nothing that should have made a difference, but there we go.
 

trigger hippy

Member
Dec 2, 2005
16
0
151
Bristol, UK
failed to open log file

In the error_log it has the following which doesn't specify which error log failed to write, could this be the problem to my phpsuEXEC issue?

What perms should the error logs have? Is it talking about the phpsuEXEC error log?

Code:
failed to open log file
fopen: Permission denied
[Mon Apr 10 21:00:05 2006] [error] [client 63.88.212.164] Premature end of script headers: /home/westonlo/public_html/index.php
 

Solokron

Well-Known Member
Aug 8, 2003
851
1
168
Seattle
cPanel Access Level
DataCenter Provider
I am seeing this with a latest reinstall and update to PHP 4.4.4. Accounts that worked fantastic with 4.4.2 and php suexec are now throwing up internal server errors when updated recently. Once php suexec is removed the sites load up great again. We need php suexec though.