Here we go
DOWNLOAD AND INSTALL
wget http://www.suphp.org/download/suphp-0.6.1.tar.gz
tar -zxvf suphp-0.6.1.tar.gz
cd suphp-0.6.1
./configure --with-prefix=/usr --with-apxs=/usr/sbin/apxs --with-min-uid=500 --with-min-gid=500 --with-apache-user=apache --with-php=/usr/bin/php --with-setid-mode=owner --prefix= --exec-prefix=/usr
make
make install
I did have a few problems with the makefile not adding the conf files so added manually
pico /etc/suphp.conf
[global]
logfile=/var/log/httpd/suphp_log
loglevel=info
webserver_user=apache
docroot=/
env_path=/bin:/usr/bin
umask=0077
min_uid=500
min_gid=500
; Security options
allow_file_group_writeable=false
allow_file_others_writeable=false
allow_directory_group_writeable=false
allow_directory_others_writeable=false
;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=true
;Send minor error messages to browser
errors_to_browser=false
[handlers]
;Handler for php-scripts
x-httpd-php=php:/usr/bin/php
;Handler for CGI-scripts
x-suphp-cgi=execute:!self
I modified this so that I could enable it on virtual sites only through the vhost.conf files.
pico /etc/httpd/conf.d/suphp.conf
# This is the Apache server configuration file providing suPHP support.
# It contains the configuration directives to instruct the server how to
# serve php pages while switching to the user context before rendering.
LoadModule suphp_module modules/mod_suphp.so
# This option tells mod_suphp if a PHP-script requested on this server (or
# VirtualHost) should be run with the PHP-interpreter or returned to the
# browser "as it is".
suPHP_Engine off
Then to enable on a per domain/directory basis. If you have problems with sitebuilder or horde I would suggest you check out other threads to disallow directories. I only enable it on admin directories because this is basically where files get uploaded or modified.
pico /home/httpd/vhosts/<domain>/conf/vhost.conf
ADD
<Directory /home/httpd/vhosts/<domain>/httpdocs/<directory>
php_admin_flag engine on
suPHP_Engine On
suPHP_ConfigPath "/etc/phpvirtual/<domain>"
#suPHP_UserGroup owner group ## ONLY FOR paranoid MODE
AddHandler x-httpd-php .php
AddHandler x-httpd-php .php .php4 .php3 .phtml
suPHP_AddHandler x-httpd-php
</Directory>
And finally create a directory to store php.ini files. I suppose it could be in the conf directory however I chose to create a seperate directory under /etc/phpvirtual/<domain.com>
cp /etc/php.ini /etc/phpvirtual/<domain.com>/php.ini
Modify the new php.ini as needed.
Thats it.
Alternatively you could install the [dag] mod_suphp via yum. This is compiled in paranoid mode and you will need to modify the suphp.conf files accordingly. I did have some problems with Handlers.
BD
DOWNLOAD AND INSTALL
wget http://www.suphp.org/download/suphp-0.6.1.tar.gz
tar -zxvf suphp-0.6.1.tar.gz
cd suphp-0.6.1
./configure --with-prefix=/usr --with-apxs=/usr/sbin/apxs --with-min-uid=500 --with-min-gid=500 --with-apache-user=apache --with-php=/usr/bin/php --with-setid-mode=owner --prefix= --exec-prefix=/usr
make
make install
I did have a few problems with the makefile not adding the conf files so added manually
pico /etc/suphp.conf
[global]
logfile=/var/log/httpd/suphp_log
loglevel=info
webserver_user=apache
docroot=/
env_path=/bin:/usr/bin
umask=0077
min_uid=500
min_gid=500
; Security options
allow_file_group_writeable=false
allow_file_others_writeable=false
allow_directory_group_writeable=false
allow_directory_others_writeable=false
;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=true
;Send minor error messages to browser
errors_to_browser=false
[handlers]
;Handler for php-scripts
x-httpd-php=php:/usr/bin/php
;Handler for CGI-scripts
x-suphp-cgi=execute:!self
I modified this so that I could enable it on virtual sites only through the vhost.conf files.
pico /etc/httpd/conf.d/suphp.conf
# This is the Apache server configuration file providing suPHP support.
# It contains the configuration directives to instruct the server how to
# serve php pages while switching to the user context before rendering.
LoadModule suphp_module modules/mod_suphp.so
# This option tells mod_suphp if a PHP-script requested on this server (or
# VirtualHost) should be run with the PHP-interpreter or returned to the
# browser "as it is".
suPHP_Engine off
Then to enable on a per domain/directory basis. If you have problems with sitebuilder or horde I would suggest you check out other threads to disallow directories. I only enable it on admin directories because this is basically where files get uploaded or modified.
pico /home/httpd/vhosts/<domain>/conf/vhost.conf
ADD
<Directory /home/httpd/vhosts/<domain>/httpdocs/<directory>
php_admin_flag engine on
suPHP_Engine On
suPHP_ConfigPath "/etc/phpvirtual/<domain>"
#suPHP_UserGroup owner group ## ONLY FOR paranoid MODE
AddHandler x-httpd-php .php
AddHandler x-httpd-php .php .php4 .php3 .phtml
suPHP_AddHandler x-httpd-php
</Directory>
And finally create a directory to store php.ini files. I suppose it could be in the conf directory however I chose to create a seperate directory under /etc/phpvirtual/<domain.com>
cp /etc/php.ini /etc/phpvirtual/<domain.com>/php.ini
Modify the new php.ini as needed.
Thats it.
Alternatively you could install the [dag] mod_suphp via yum. This is compiled in paranoid mode and you will need to modify the suphp.conf files accordingly. I did have some problems with Handlers.
BD