Install suPHP on centos linux OS?

In this forum you can read tutorials. You can also post your own tutorials to help other members.
HR-ADMIN
Site Admin
Posts: 22
Joined: Sat Mar 16, 2013 9:54 pm

Install suPHP on centos linux OS?

Postby HR-ADMIN » Fri May 31, 2013 10:50 pm

suPHP is a tool that allows PHP scripts to be executed with the permissions of their owners. By not running PHP script using web server’s user rights, suPHP increase the server security.

First install httpd-devel and compiler tools:

—–
yum install httpd-devel gcc gcc-c++ make
—–
Download suPHP source code and extract it

—-
wget http://www.suphp.org/download/suphp-0.7.1.tar.gz
tar -xvzf suphp-0.7.1.tar.gz
cd suphp-0.7.1
—-
Note: source : http://www.suphp.org/Download.html

Now we compile suPHP :

—-
./configure –with-apxs=/usr/sbin/apxs –with-apache-user=apache –with-logfile=/var/log/httpd/suphp_log –with-setid-mode=paranoid –sysconfdir=/etc –with-apr=/usr/bin/apr-1-config –with-php=/usr/bin/php-cgi –enable-SUPHP_USE_USERGROUP=yes

make
make install
—-
Next create suphp.conf to configure Apache so it will call suPHP for interpreting PHP scripts

vi /etc/httpd/conf.d/suphp.conf
Add this configuration:

—-
LoadModule suphp_module modules/mod_suphp.so
suPHP_Engine on
AddType application/x-httpd-php .php

suPHP_AddHandler application/x-httpd-php

—-

Save the file and the next step is to disable mod_php configuration as we are now using suPHP :


mv /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php.conf.disabled


After we finished with Apache configuration, next we create suphp.conf file which contain suPHP configuration :

vi /etc/suphp.conf

—-
[global]
;Path to logfile
logfile=/var/log/suphp.log

;Loglevel
loglevel=info

;User Apache is running as
webserver_user=apache

;Path all scripts have to be in
docroot=/var/www:${HOME}/public_html

;Path to chroot() to before executing script
;chroot=/mychroot

; Security options
allow_file_group_writeable=false
allow_file_others_writeable=false
allow_directory_group_writeable=false
allow_directory_others_writeable=false

;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=true

;Send minor error messages to browser
errors_to_browser=false

;PATH environment variable
env_path=/bin:/usr/bin

;Umask to set, specify in octal notation
umask=0077

; Minimum UID
min_uid=0

; Minimum GID
—-

After Apache and suPHP is configured, we need to add suPHP_UserGroup option on each virtual hosting we hosted on the server. For example, the domain.com virtual host would look like:

—-

DocumentRoot /home/user/public_html

allow from all
Options +Indexes

ServerName domain.com
ErrorLog /var/log/httpd/domain.com
LogLevel warn
suPHP_UserGroup user user

—-

Restart httpd.
Hostripples - Leaders in Linux Hosting
http://www.hostripples.com

http://blog.hostripples.com
HostRipples | Domain Name Registration & $1 Web Hosting

Adell5421
Posts: 1
Joined: Thu May 30, 2013 12:46 pm

Re: Install suPHP on centos linux OS?

Postby Adell5421 » Sat Jun 01, 2013 12:53 am

Thanks for the post ... Also can you please provide some steps for suphp hardening . :)


Return to “Tutorials / How tos?”

Who is online

Users browsing this forum: No registered users and 3 guests