+91 88 00 563434 [email protected] Blog open-book Knowledge Base

Find Solutions in Our Knowledge Base

How to install suPHP on DirectAdmin

You are here:
Sharing is Caring

In this tutorial, we will explore the process of setting up suPHP on DirectAdmin.

suPHP is a tool that allows PHP scripts to be executed with the permissions of their owners. This means that suPHP can control the access to specific files, as it includes the mod_suphp module of Apache. Most PHP scripts run as the ‘nobody’ user, allowing any server user to execute the file and manipulate it by adding code to the URL. To address this security concern, suPHP stops PHP from running as the ‘nobody’ user, ensuring that files can only be written by authorized users.

Benefits of using suPHP

1) Improved security.
2) Enhanced user-friendliness for PHP applications like Mambo.
3) Ability to define custom php.ini files for different users.
4) Restricts global writable files (777).

DirectAdmin is a web hosting control panel that simplifies website management. It is compatible with servers such as CloudLinux, Red Hat, CentOS, Ubuntu, etc. By default, DirectAdmin comes with PHP as a CLI option, causing all PHP scripts to run as the ‘apache’ user. Using the suPHP module provides enhanced security compared to the mod_php module of the Apache web server, as it runs PHP files under the corresponding user’s account. DirectAdmin’s custombuild feature offers an easy way to enable suPHP on the control panel.

Installation steps for suPHP

1) Log in as the root user to the DirectAdmin server and navigate to the directory /usr/local/directadmin/custombuild using the following command:

# cd /usr/local/directadmin/custombuild/

2) Execute the custombuild scripts to modify DirectAdmin’s settings:

# ./build clean
# ./build update
# ./build set php5_cgi yes
# ./build set php5_cli no
# ./build all d
# ./build rewrite_confs

Once these scripts are run, suPHP will be installed on the server.

3) After suPHP installation, you need to fix the permissions for phpMyAdmin, Roundcube, squirrelmail. Run the following command:

# ./build roundcube
# ./build squirrelmail
# ./build phpmyadmin

4) Finally, fix the permissions of all files and directories owned by users by running the scripts shown below:

# for i in `/bin/ls /usr/local/directadmin/data/users/` ; do chown -R $i.$i /home/$i/domains/* ; echo $i ; done
# for i in `/bin/ls /usr/local/directadmin/data/users/` ; do find /home/$i/domains/ -type f -exec chmod 644 ; ; echo $i ; done
# for i in `/bin/ls /usr/local/directadmin/data/users/` ; do find /home/$i/domains/ -type d -exec chmod 755 ; ; echo $i ; done

Potential errors

1) Users may see the message “Apache functioning normally” instead of the actual website.

Resolution:

Run the following command as the root user:

# cd /usr/local/directadmin/custombuild/
# ./build rewrite_confs

2) Apache fails to start with the following error message:

Starting httpd: httpd: Syntax error on line 17 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/conf/extra/httpd-phpmodules.conf: Cannot load /usr/lib/apache/mod_suphp.so into server: /usr/lib/apache/mod_suphp.so: cannot open shared object file: No such file or directory

Resolution:

Run the following command as the root user:

# ./build suphp
# ./build rewrite_confs


Sharing is Caring

Leave a Comment

Table of Contents