The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Reseller based wordpress configure permissions for all accounts

Discussion in 'General Discussion' started by mobcdi, Oct 21, 2009.

  1. mobcdi

    mobcdi Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    16
    I have a reseller account with wordpress install files in the skeleton directory so new accounts can configure their own wp install.

    I've encountered a problem with permissions to folders when users try to install themes via wp and I need to solve it for all accounts without having to delete the accounts.

    I have suPHP selected as part of my apache build but really need to get help from a cPanel expert who just happens to be a wordpress wizz as well with a love of permissions

    Anyone able to help me out find out what permissions my accounts have while running, what ones they are missing and how I can apply those permissions to all accounts (current & future)
     
    #1 mobcdi, Oct 21, 2009
    Last edited: Oct 21, 2009
  2. mobcdi

    mobcdi Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    16
    I would like to avoid having users enter ftp account details but still keep wp as secure as possible.

    Is there a way by logging into the server vto see what permissions each user account has to the folders and which account apache is running under because i don't think Apache is actually running under cPanel accounts
     
  3. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    If root access is available, then it would be possible to login using SSH access to examine and inspect each account with precision.

    Apache typically runs as the system user "nobody" -- Apache itself does not run as the user of each cPanel account.

    If using SuPHP as the primary PHP handler, then PHP runs as the user defined within each domain's virtual host, that is, where PHP scripts are executed as the unique user of each cPanel account.
     
  4. mobcdi

    mobcdi Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    16
    So if I understand correctly the account nobody is trying to create the files/folders but only the cPanel account has permission to write files folders to that location.


    If that is true then I need to give "nobody" permission to the folders that apache should be able to write to??

    Is there a quick way to do this if I have the list of accounts?

    And also is there a way to have cpanel to do it when it creates a new account?
     
  5. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    If using SuPHP, when a PHP script attempts to create a new file (e.g., a file or directory for caching content), the file/directory will be created using the user's UID and GID, not that of "nobody".

    When using SuPHP it should not be necessary to modify ownership or permissions to explicitly allow user "nobody" write access; I am wondering if this is the current case, if there may be some additional detail that may help in diagnosing the issue.

    The initial problem of permissions difficulty (e.g., when uploading via the script) sounds relatively straight-forward; so that we can have a better idea what circumstances are involved would you be able to expand in detail about any errors or log detail displayed and the current directory/file permissions being used?

    If possible, please also provide the output from the following two commands (via root SSH access):
    Code:
    # cat /usr/local/cpanel/version && echo
    # /usr/local/cpanel/bin/rebuild_phpconf --current
    The above will show your full cPanel version number and the current PHP handler (e.g., if it's set to DSO, SuPHP, CGI, etc.) including the status of SuExec.
     
  6. mobcdi

    mobcdi Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    16
    My cpanel verison is listed as 11.24.5-RELEASE_38506 and the output of the other command is
    Available handlers: suphp dso cgi none
    Default PHP : 5
    PHP4 SAPI: none
    PHP5 SAPI: dso
    SUEXEX: enabled


    Does that mean to say that php5 isn't actually running under suphp as I first thought? and is it just a matter of switching it over from dso to suphp in Main >> Service Configuration >> Apache Configuration or should I really rebuild apache the configuration?
     
    #6 mobcdi, Oct 23, 2009
    Last edited: Oct 23, 2009
  7. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Yes; that is correct. While SuPHP support is compiled-in and available to use, the current configuration is not yet switched to utilize SuPHP.

    The SuPHP configuration may be switched via WHM via the same menu path as you described:
    WHM: Main >> Service Configuration >> Apache Configuration >> PHP and SuExec Configuration

    It is also possible to switch via SSH using the same script that shows the current configuration, in a format as described from it help/usage output:
    Code:
    # /usr/local/cpanel/bin/rebuild_phpconf
    Usage: /usr/local/cpanel/bin/rebuild_phpconf [--dryrun] [--no-restart] [--no-htaccess] [--current|--available] <Default PHP> <PHP4 Handler> <PHP5 Handler> <Suexec>
     --dryrun       : Only display the changes that would be made
     --no-restart   : Don't restart Apache after updating the php.conf link
     --no-htaccess  : Don't update user configurable PHP mime mapping.
     --current      : Show current settings
     --available    : Show available handlers and PHP SAPIs
     <Default PHP>  : Version of PHP to set as default handler for .php files
     <PHP# Handler> : Type of Apache module to use in serving PHP requests
     <Suexec>       : enabled, disabled, 1 or 0
    If PHP4 is not available, and if you wanted PHP 5 to be the default, using SuPHP, with SuExec, you could use a command like the following to accomplish the same change (to SuPHP) as would be done via WHM:
    Code:
    # /usr/local/cpanel/bin/rebuild_phpconf 5 none suphp 1
    To see which versions of PHP are available, you could use the following ("--available"), similar to using the "--current" CLI switch.
    Code:
    # /usr/local/cpanel/bin/rebuild_phpconf --available
     
  8. mobcdi

    mobcdi Well-Known Member

    Joined:
    Jul 13, 2009
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    16
    If I change php5 to use suPHP would that setting carry through any apache updates/ software updates or would I need to change it after every update
     
  9. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    The setting is normally a one-time occurrence, and it should remain the same assuming the necessary options are still enabled in future customized EasyApache builds. For example, to keep SuPHP, you'll want to ensure that both SuPHP and "CGI" remain selected.
     
  10. f-robin

    f-robin Registered

    Joined:
    Mar 22, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Same Problem: suPHP handler not showing as available

    Hi,

    We have the same problem here, but when running the command line script to see what services are running we get:

    Available handlers: dso cgi none
    DEFAULT PHP: 5
    PHP4 SAPI: none
    PHP5 SAPI: dso
    SUEXEC: enabled
    root@dev-ccuwp2sat [~]# cat /usr/local/cpanel/version && echo
    11.25.0-RELEASE_43473

    Note that there is no suPHP listed for an available handler

    Help!?
     
  11. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    SuPHP will only be shown when SuPHP is installed. While SuPHP is installed on new cPanel/WHM installations by default, older installations will not have SuPHP installed.

    To Install SuPHP, select the option for SuPHP in Step 5 of EasyApache.
     
Loading...

Share This Page