The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

web site stops working inside a disabled shell.

Discussion in 'General Discussion' started by keat63, Dec 9, 2014.

  1. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I'm still learning WHM and its security measures etc.
    I've tried to put one of my accounts under a disabled shell, but as soon as i do this, the site stops working.
    I did ask a week or so ago, but don't think i got a reply.

    The site in question is a cubecart which uses PHP files.
    Is there any reason why it stops working, ?
    I'm, seeing 404 errors, so i'm assuming that the files have moved ??

    - - - Updated - - -

    Code:
    Internal Server Error
    
    The server encountered an internal error or misconfiguration and was unable to complete your request.
    
    Please contact the server administrator, webmaster@xxx.co.uk and inform them of the time the error occurred, and anything you might have done that may have caused the error.
    
    More information about this error may be available in the server error log.
    
    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
    
    Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at www.xxx.co.uk Port 80
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,807
    Likes Received:
    667
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    This is me changing the site back to disabled shell, then trying to open the site.
    Code:
    [Tue Dec 09 19:52:54 2014] [notice] Graceful restart requested, doing restart
    [Tue Dec 09 19:52:55 2014] [notice] mod_ruid2/0.9.8 enabled
    [Tue Dec 09 19:52:55 2014] [notice] Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 configured -- resuming normal operations
    [Tue Dec 09 19:52:58 2014] [error] [client my.ip.address] SecurityException in Application.cpp:186: Do not have root privileges. Executable not set-uid root?
    [Tue Dec 09 19:52:58 2014] [error] [client my.ip.address] Premature end of script headers: index.php
    [Tue Dec 09 19:52:58 2014] [error] [client my.ip.address] File does not exist: /home/account/public_html/500.shtml
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,807
    Likes Received:
    667
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Please check the ownership values of the index.php file and the public_html directory itself. The logs indicate the file or directory might be owned by "root" instead of the account username.

    Thank you.
     
  5. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Michael.
    After you mentioned apache, i figured i'd play with apache/php config.
    I changed the PHP 5 Handler from SUPHP to DSO, restarted Apache and it seems that the site is now working in a shell.
    Although, I'd have to fully test this.

    Whats the difference between SUPHP and DSO and are there any implications ?

    Also could you explain how i check the ownership ?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,807
    Likes Received:
    667
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You can review ownership values with a command such as:

    Code:
    ls -al /home/username/public_html
    While using DSO may allow the website to load, it's likely still a good idea to review file/directory ownership values because "root" ownership is not ideal for a shared hosting account. The following document explains the differences between suPHP and DSO:

    PHP Handlers

    Thank you.
     
  7. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I put it back to SUphp, removed it from the shell then added it back in. (just in case)
    This is what I found.

    Code:
    root@servername [~]# ls -al /home/user/public_html
    total 76532
    drwxr-x--- 20 user nobody     4096 Dec  9 20:03 ./
    drwx--x--x 15 user user       4096 Dec  9 09:11 ../
    -rw-r--r--  1 user user   48081909 Nov 21 08:46 171114.zip
    -rw-r--r--  1 user user      11262 Nov 21 08:45 404.htm
    drwxr-xr-x 18 user user       4096 Nov 21 08:46 admin/
    -rw-r--r--  1 user user      10648 Nov 21 08:45 AT146.pdf
    -rw-r--r--  1 user user   23690574 Nov 21 08:46 atnumscrews.zip
    drwxr-xr-x  4 user user       4096 Nov 21 08:52 userimages/
    -rw-r--r--  1 user user     571372 Nov 21 08:50 user-sitemap.xml
    -rw-r--r--  1 user user    1428298 Nov 21 08:46 Body\ Clip\ A4\ 2.pdf
    -rw-r--r--  1 user user       4294 Nov 21 08:50 cart.php
    drwxr-xr-x  2 user user       4096 Nov 21 20:41 cgi-bin/
    -rw-r--r--  1 user user      26671 Nov 21 08:50 challenge.jpg
    drwxr-xr-x  3 user user       4096 Nov 21 08:47 classes/
    -rw-r--r--  1 user user       2905 Nov 21 08:50 confirmed.php
    drwxr-xr-x  3 user user       4096 Nov 21 08:47 contact/
    drwxr-xr-x  2 user user       4096 Nov 21 08:48 coshh/
    drwxr-xr-x  2 user user       4096 Nov 21 08:48 docs/
    -rw-r--r--  1 user user       3693 Nov 21 08:50 download.php
    -rw-r--r--  1 user user          0 Nov 21 08:46 error_log
    drwxr-xr-x  2 user user       4096 Nov 21 08:48 extra/
    -rw-r--r--  1 user user       1150 Nov 21 08:46 favicon.ico
    -rw-r--r--  1 user user       1003 Nov 21 08:50 .htaccess
    -rw-r--r--  1 user user       1115 Nov 21 08:45 .htaccess-copy
    drwxr-x---  2 user nobody     4096 Nov 21 13:54 .htpasswds/
    drwxr-xr-x  9 user user       4096 Nov 21 08:55 images/
    drwxr-xr-x  7 user user       4096 Nov 21 08:48 includes/
    -rw-r--r--  1 user user       6725 Nov 21 08:50 index.php
    -rw-r--r--  1 user user       6717 Nov 21 08:46 index.php-notellafreind
    -rw-r--r--  1 user user       6717 Nov 21 08:50 index.php-orig
    -rw-r--r--  1 user user        573 Nov 21 08:46 info.php
    drwxr-xr-x  2 user user       4096 Nov 21 08:48 js/
    drwxr-xr-x 12 user user       4096 Nov 21 08:48 language/
    -rw-r--r--  1 user user      76404 Nov 21 08:50 latex.jpg
    -rw-r--r--  1 user user      45892 Nov 21 08:50 logo.jpg
    drwxr-xr-x  5 user user       4096 Nov 21 08:48 modules/
    -rw-r--r--  1 user user      16362 Nov 21 08:50 new-blue.jpg
    -rw-r--r--  1 user user      13276 Nov 21 08:50 new-grey.jpg
    -rw-r--r--  1 user user      64000 Nov 21 08:50 of.doc
    -rw-r--r--  1 user user        684 Nov 21 08:50 offLine.php
    -rw-r--r--  1 user user      64000 Nov 21 08:50 oform.doc
    -rw-r--r--  1 user user     322983 Nov 21 08:50 of.pdf
    drwxr-xr-x  7 user user       4096 Nov 21 08:49 pear/
    drwxr-xr-x  2 user user       4096 Nov 21 08:49 psusite/
    -rw-r--r--  1 user user      13870 Nov 21 08:50 README.txt
    -rw-r--r--  1 user user       1444 Nov 21 08:50 recommend.php
    -rw-r--r--  1 user user       1437 Nov 21 08:46 recommend.php-old
    -rw-r--r--  1 user user       1440 Nov 21 08:46 recommend.php-old2
    -rw-r--r--  1 user user        576 Nov 21 08:50 robots.txt
    drwxr-xr-x  2 user user       4096 Nov 21 08:49 root\ backup/
    -rw-r--r--  1 user user    3006331 Nov 21 08:46 rubberwheel2.zip
    -rw-r--r--  1 user user         99 Nov 21 08:50 shop
    -rw-r--r--  1 user user       1390 Nov 21 08:50 shop.php
    drwxr-xr-x  4 user user       4096 Nov 21 08:52 skins/
    -rw-r--r--  1 user user       2448 Nov 21 08:50 spiders.txt
    -rw-r--r--  1 user user       2787 Nov 21 08:50 switch.php
    -rw-r--r--  1 user user       2186 Nov 21 08:46 test.htm
    -rw-r--r--  1 user user        471 Nov 21 08:46 thankyou.htm
    -rw-r--r--  1 user user      28453 Nov 21 08:46 title.gif
    Prior to this, I also tried making changing the ownership of the account from root to user.
    But it still failed with shell disabled
     
    #7 keat63, Dec 9, 2014
    Last edited: Dec 9, 2014
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,807
    Likes Received:
    667
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Are you still receiving the same error message in the Apache error log when visiting the website after making the ownership modifications?

    Thank you.
     
  9. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Hi Michael.

    I am still seeing the same issue.
    There is something on the cubecart forums about the ereg() functions being deprecated and PHP will throw back a lot of warnings in PHP 5.
    The cubecart i'm using was written when PHP4 was in fashion.

    Do you think this could have anything to do with it ?

    It does seem to be running OK in a disabled shell when PHP is configured for DSO, and runs OK when PHP is configured for SUphp when in a normal shell.

    There will only be me running this server, i will not be reselling it, but I will have a number of domains (belonging to myself) on there.
    I'm happy to leave it at DSO if there are no security implications.
     
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,468
    Likes Received:
    196
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Why would you be installing an older version of this script?
    /http://cubecart.com/tour/hosting-requirements

    Requirements say:
    PHP Version 5.2.3+

    If you're having issues installing that script, you might try asking for support on that scripts support channels.

    I don't see any cPanel issues here, so much as you having issues installing some script on a cPanel Powered Server.

    We can't support CubeCart on these forums.
     
  11. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Sorry InfoPr, i'm not sure what you're trying to say.?
    I'm not asking for Cubecart help, I'm trying to understand what's causing the site not to work inside a shell.
    The cubecart we are using is heavily modified and won't upgrade without losing the mods, some of which are vital to the job.
    And i only discovered yesterday that PHP5 may cause issues.

    I guess my next thing will be to try and downgrade PHP to 5.2.3, and see if this helps
     
  12. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,468
    Likes Received:
    196
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You're trying to make an old, out of date, possibly not secure script work. It's running as root user it sounds like to me.

    It's not your cPanel that has an issue though, its the script, Cubecart not working on your I assume, up to date cPanel Powered Server.

    Support for Cubecart can be found on the Cubecart support site. My guess, they'll tell you to upgrade the script. Regardless, cPanel cannot support it.

    If I had a dime for every time I read a comment like this, right before the site got hacked, I'd be living on a beach somewhere with my feet up and a cold beer in my hand.

    My apologies if that sounds a bit harsh, its not meant to. If you read it as such though, do a bit more reading. Google this:
    Cubecart vulnerabilities

    GL!
     
  13. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I knew nothing about WHM until about two weeks ago, so I'm undergoing a massive self learning curve.

    Earlier in the week, the site was owned by root.
    I naively assumed that as i'm the only person using this and the password is very secure, that it would be OK to run all my domains under a single login/user (root)
    However, I've since learned that this is maybe not such a good thing, so I made the account a reseller.

    I'm under pressure to move the site from it's current host, but at the same time keep it working, only then could i even consider trying to upgrade it.
    Given the custom mods applied, i know from the start that it's not going to work and will be a long arduous trek.
     
  14. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,468
    Likes Received:
    196
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I've been reading your recent threads, understood.

    None of my business of course, but I'd be interested to know why this is. If I was to guess, some sort of problems with this Cubecart.

    Why? It sounds to me like this site has some things going on with it that require escalated privileges.

    Still, my point stands. We cannot support any third party scripts on this forum. Especially those that are out of date and not secure.

    I'd feel bad if I or anyone else here helped you get this working and it got hacked, and then you came back asking how that happened.


    If you have a properly configured and secured server, and then you created a Basic Package with no Reseller perms, and you then create an account to use that Package, and then you created a Database on that account, logged in as that normal user, and then imported your cubecart database into it, and then you uploaded all files for the site, properly, meaning owned by the account owner, with files 644 directories 755 permissions, IMHO, that site should work.

    It may not work perfect, you may find errors all over the page about deprecated code for example, but it should work at least somewhat.

    If it does not, you visit the Cubecart support forum and ask for assistance with it.

    I think there's more going on here with the out of date script and is why I'm asking you to go try for support on the Cubecart forums, if you haven't yet.

    From what I've read in your posts, this is not a cPanel issue.

    I hope that helps somehow.
     
  15. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Maybe my issue has been account related.
    Again, not really knowing whether i'm doing this right or wrong.
    I'll have a look at creating a new basic account and try from there.

    I'm more than willing to learn
     
  16. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    ahhhh "Package"
    Let me tinker a little more and come back tomorrow.


    As regards being under pressure. The site is currently on a shared host, where the mail server keeps getting blacklisted because of spammers and/or hackers.
    I figured that we might be better off going it alone.

    I want to be sure that I'm happy with standing on my own two feet (so to speak) before jumping in and going live.
    The boss doesn't really understand that.
     
    #16 keat63, Dec 11, 2014
    Last edited: Dec 11, 2014
  17. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I just found something in an earlier thread about Ruid2 and SUphp not working together.
    I can see in my PHP config that Ruid2 is enabled, but i see no way to disbable this.
     
    Tariqaziz likes this.
  18. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,807
    Likes Received:
    667
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You can disable Mod_Ruid2 via EasyApache:

    /scripts/easyapache

    Or;

    "WHM Home » Software » EasyApache (Apache Update)"

    It's documented here:

    Mod_Ruid2

    Thank you.
     
  19. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    765
    Likes Received:
    20
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I'll take a look, and report back.

    Thanks
     
Loading...

Share This Page