Facebook
Twitter-
Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
-
We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies! -
The BIND DNS server has already been deprecated and removed from Plesk for Windows.
If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release. -
The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
STILL no suPHP support in Plesk 8.2 -- SWsoft R U listening?
- Thread starter madsere
- Start date
F
faris
Guest
Yes, this is probably the most important feature that is needed right now.
Of course it will undoubtedly cause problems when it is introduced. A lot of people will have set things up to work with (or around) the Apache ownerships as they are now.
But I think this will be a minor thing compared to the benefits of suPHP.
Of course I don't know the technicalities. Does it require php to be compiled in a certain way? Or Apache? If so then it is probably a nightmare for SWSoft to work around that.
Faris.
Of course it will undoubtedly cause problems when it is introduced. A lot of people will have set things up to work with (or around) the Apache ownerships as they are now.
But I think this will be a minor thing compared to the benefits of suPHP.
Of course I don't know the technicalities. Does it require php to be compiled in a certain way? Or Apache? If so then it is probably a nightmare for SWSoft to work around that.
Faris.
M
mediashaker
Guest
SuPHP would be nice
Yes it would be nice if they would add this in.
If you want to tighten up your PHP security then take a look at Suhosin.
http://www.hardened-php.net/suhosin/
You can load it via a php .so and its binary compatible so all other loaders will work.
What I really can't wait for is when atomicrocketturtle finishes their new Atomic Secured Linux 2.0 .. it fully integrates with plesk. If you haven't seen it check it out:
http://www.atomicrocketturtle.com/Joomla/content/view/137/34/
It offers among many other features:
*
Stack overflow protection from the PaX project, that addresses exploits in services on the system, such as apache, bind, or secure shell
*
An intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration, from the Grsecurity project.
*
Trusted Path Execution, which only allows untrusted users such as apache to execute commands owned by root, thus simply preventing a whole class of exploit techniques used by attackers, or internet worms
*
Users are restricted to only view their processes
*
Application layer firewalling through mod_security, and the industry leading rules created by Atomicorp at gotroot.com, optimized for Plesk Server Administrator environments.
*
Denial of Service protection through mod_evasive
Check out the new screenshots:
http://www.atomicrocketturtle.com/gallery2/main.php?g2_itemId=604
Plesk should really hire atomic back. He's done more for plesk than all the other plesk developers combined!
Yes it would be nice if they would add this in.
If you want to tighten up your PHP security then take a look at Suhosin.
http://www.hardened-php.net/suhosin/
You can load it via a php .so and its binary compatible so all other loaders will work.
What I really can't wait for is when atomicrocketturtle finishes their new Atomic Secured Linux 2.0 .. it fully integrates with plesk. If you haven't seen it check it out:
http://www.atomicrocketturtle.com/Joomla/content/view/137/34/
It offers among many other features:
*
Stack overflow protection from the PaX project, that addresses exploits in services on the system, such as apache, bind, or secure shell
*
An intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration, from the Grsecurity project.
*
Trusted Path Execution, which only allows untrusted users such as apache to execute commands owned by root, thus simply preventing a whole class of exploit techniques used by attackers, or internet worms
*
Users are restricted to only view their processes
*
Application layer firewalling through mod_security, and the industry leading rules created by Atomicorp at gotroot.com, optimized for Plesk Server Administrator environments.
*
Denial of Service protection through mod_evasive
Check out the new screenshots:
http://www.atomicrocketturtle.com/gallery2/main.php?g2_itemId=604
Plesk should really hire atomic back. He's done more for plesk than all the other plesk developers combined!
P
PedstersPlanet
Guest
I mentioned suPHP before, no-one listened then..... with the prices they ask for Plesk, they should include suPHP and more security features.
matt.simpson
Basic Pleskian
Why not just install suPHP yourself instead of complaining that it's not included with Plesk? It's a control panel people, it shouldn't have to hold your hand and wake you up in the morning.
~Matt
~Matt
P
PedstersPlanet
Guest
Coz when I tried to recompile Apache with suPHP support, it f'ed up..... Not everyone is a Linux buff you know..
By all means give or direct us a step-by-step fool proof guide to install suPHP with Apache.......
O
obeone
Guest
suPHP needed for Joomla
Yes, I too would like suphp integration with Plesk.
Just upgraded to 8.2
soooo, if anyone is capable of installing, and setting up to correct the Joomla user issue, please PM me.
Also, if you are capable of integrating spamassassin, I would be interested in that too
Yes, I too would like suphp integration with Plesk.
Just upgraded to 8.2
soooo, if anyone is capable of installing, and setting up to correct the Joomla user issue, please PM me.
Also, if you are capable of integrating spamassassin, I would be interested in that too
A
aktivisto
Guest
Yeah, RIGHT! And add that **** after your client creates domain in every vhost.conf by hand. What a briliant idea!
suPHP will not fix security problem, we need chroot + suexec (with user and user_www)!
And don't suggest suhosin, since it solves different range of problems....
Hey swsoft, where is update to php-5.2.4???
atomicturtle
Golden Pleskian
up2date on RHEL4 supports yum archives natively, and as of RHEL 5 up2date was discontinued in favor of yum.
SuSE is also a commercially supported enterprise linux, and CentOS is the community supported enterprise OS. It uses the exact same source code as RHEL. The only difference is that the redhat trademarks have been removed. You'll also find that all the 3rd party archive maintainers (myself, dag, axel thimm, dries, karan, and many others) are involved with the CentOS project.
My installer will add yum to a VPS or RHEL4 system if you don't already have it:
wget -q -O - http://www.atomicrocketturtle.com/installers/atomic |sh
SuSE is also a commercially supported enterprise linux, and CentOS is the community supported enterprise OS. It uses the exact same source code as RHEL. The only difference is that the redhat trademarks have been removed. You'll also find that all the 3rd party archive maintainers (myself, dag, axel thimm, dries, karan, and many others) are involved with the CentOS project.
My installer will add yum to a VPS or RHEL4 system if you don't already have it:
wget -q -O - http://www.atomicrocketturtle.com/installers/atomic |sh
You can check how to add to plesk suphp
http://www.grafxsoftware.com/faq.php/HOW-TO-Setup-a-PLESK-Dedicated-Server/1/4/
http://www.grafxsoftware.com/faq.php/HOW-TO-Setup-a-PLESK-Dedicated-Server/1/4/
Plesk 8.6 Linux suphp automated support
Hello,
after having lot of troubles with joomla, wordpress and others softwares I decided finaly install suphp on my servers. I spend few days for searching and investigating for full automated solution. And at last ... system is working. Here all install manual, how i did. Maybe somewhere I wrong, but this solution is working for me.
First of all, download and install atomic script:
# wget -q -O – http://www.atomicorp.com/installers/atomic | sh
after script is instaled, install mod_suphp
# yum install mod_suphp
Next step is enable suPhp in apache, create suphp.conf file in
# vi /etc/httpd/conf.d/suphp.conf
and insert the following:
LoadModule suphp_module modules/mod_suphp.so
php_admin_value engine off
suPHP_Engine On
AddHandler x-httpd-php .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-php
After that we need to create config for suphp in /etc suphp.conf
[global]
;Path to logfile
logfile=/var/log/suphp.log
;Loglevel
loglevel=warn
;User Apache is running as
webserver_user=apache
;Path all scripts have to be in
docroot=/var/www/vhosts:${ HOME}/httpdocs
;Path to chroot() to before executing script
;chroot=/mychroot
; Security options
allow_file_group_writeable=true
allow_file_others_writeable=false
allow_directory_group_writeable=true
allow_directory_others_writeable=false
;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=false
;Send minor error messages to browser
errors_to_browser=true
;PATH environment variable
env_path=/bin:/usr/bin
;Umask to set, specify in octal notation
umask=0022
; Minimum UID
min_uid=30
; Minimum GID
min_gid=30
; Use correct permissions for mod_userdir sites
;handle_userdir=true
[handlers]
;Handler for php-scripts
php5-script=php:/usr/bin/php-cgi
;Handler for CGI-scripts
x-suphp-cgi=execute:!self
Now we can restart apache:
/etc/inid.d/httpd restart
Install of suphp is done.
Now it's time to configure plesk add suphp in hosts:
cd /usr/local/psa/bin
touch suphp_domain.sh
chown root:root
chmod 755
vi suphp_domain.sh
#!/bin/bash
sleep 30
echo '# PHP version detected 5' >> /var/www/vhosts/$1/conf/vhost.conf
echo '<IfModule mod_suphp.c>' >> /var/www/vhosts/$1/conf/vhost.conf
echo "<Directory \"/var/www/vhosts/$1/httpdocs/\">" >> /var/www/vhosts/$1/conf/vhost.conf
echo 'php_admin_flag engine on' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'suPHP_Engine On' >> /var/www/vhosts/$1/conf/vhost.conf
echo "suPHP_ConfigPath \"/var/www/vhosts/$1/httpdocs/\"" >> /var/www/vhosts/$1/conf/vhost.conf
echo 'AddHandler php5-script .php' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'AddHandler x-httpd-php .php5' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'suPHP_AddHandler php5-script .php' >> /var/www/vhosts/$1/conf/vhost.conf
echo '<Files php.ini>' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'order allow,deny' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'deny from all' >> /var/www/vhosts/$1/conf/vhost.conf
echo '</Files>' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'php_value open_basedir "/tmp/"' >> /var/www/vhosts/$1/conf/vhost.conf
echo "php_value upload_tmp_dir \"/var/www/vhosts/$1/httpdocs/tmp/\"" >> /var/www/vhosts/$1/conf/vhost.conf
echo '</Directory>' >> /var/www/vhosts/$1/conf/vhost.conf
echo '</IfModule>' >> /var/www/vhosts/$1/conf/vhost.conf
/usr/local/psa/admin/bin/websrvmng -u --vhost-name=$1
/etc/init.d/httpd restart
touch suphp_subdomain.sh
chown root:root
chmod 755
vi suphp_subdomain.sh
#!/bin/bash
sleep 30
echo '# PHP version detected 5' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '<IfModule mod_suphp.c>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo "<Directory \"/var/www/vhosts/$1/subdomains/$2/httpdocs/\">" >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'php_admin_flag engine on' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'suPHP_Engine On' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo "suPHP_ConfigPath \"/var/www/vhosts/$1/subdomains/$2/httpdocs/\"" >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'AddHandler php5-script .php' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'AddHandler x-httpd-php .php5' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'suPHP_AddHandler php5-script .php' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '<Files php.ini>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'order allow,deny' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'deny from all' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '</Files>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'php_value open_basedir "/tmp/"' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo "php_value upload_tmp_dir \"/var/www/vhosts/$1/subdomains/$2/httpdocs/tmp/\"" >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '</Directory>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '</IfModule>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
/usr/local/psa/admin/bin/websrvmng -u --vhost-name=$1
/etc/init.d/httpd restart
Files are ready. Now login to plesk and goto Server --> Event Manager --> Add New Event Handler
select event "Domain created", priority -> lowest, user -> root and in command insert:/usr/local/psa/bin/suphp_domain.sh <new_domain_name>
This will create config file for every new domain you create. The same we have to do for subdomain:
Server --> Event Manager --> Add New Event Handler, select event "Subdomain created", priority -> lowest, user -> root and in command insert:
/usr/local/psa/bin/suphp_subdomain.sh <new_domain_name> <new_subdomain_name
This will do the same for every subdomain.
Thats all, now you can easy install joomla, wordpress, gallery's and others without any problems with permissions in your new domains created in plesk. I don't know it is compatible with plesk 9.x.
If you already have domains with instaled aplications than you have to change permissions to use with suphp:
find . -type f -exec chmod 644 {} \;; find . -type d -exec chmod 755 {} \;; find . -exec chown <USER>
sacln {} \;; service httpd restart
You must change <USER> to your own domain user.
Use it at your own risk.
Thank to atomicrocketturtle.com, linuxhostingsupport.net and other which resourses was very usefull.
Hello,
after having lot of troubles with joomla, wordpress and others softwares I decided finaly install suphp on my servers. I spend few days for searching and investigating for full automated solution. And at last ... system is working. Here all install manual, how i did. Maybe somewhere I wrong, but this solution is working for me.
First of all, download and install atomic script:
# wget -q -O – http://www.atomicorp.com/installers/atomic | sh
after script is instaled, install mod_suphp
# yum install mod_suphp
Next step is enable suPhp in apache, create suphp.conf file in
# vi /etc/httpd/conf.d/suphp.conf
and insert the following:
LoadModule suphp_module modules/mod_suphp.so
php_admin_value engine off
suPHP_Engine On
AddHandler x-httpd-php .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-php
After that we need to create config for suphp in /etc suphp.conf
[global]
;Path to logfile
logfile=/var/log/suphp.log
;Loglevel
loglevel=warn
;User Apache is running as
webserver_user=apache
;Path all scripts have to be in
docroot=/var/www/vhosts:${ HOME}/httpdocs
;Path to chroot() to before executing script
;chroot=/mychroot
; Security options
allow_file_group_writeable=true
allow_file_others_writeable=false
allow_directory_group_writeable=true
allow_directory_others_writeable=false
;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=false
;Send minor error messages to browser
errors_to_browser=true
;PATH environment variable
env_path=/bin:/usr/bin
;Umask to set, specify in octal notation
umask=0022
; Minimum UID
min_uid=30
; Minimum GID
min_gid=30
; Use correct permissions for mod_userdir sites
;handle_userdir=true
[handlers]
;Handler for php-scripts
php5-script=php:/usr/bin/php-cgi
;Handler for CGI-scripts
x-suphp-cgi=execute:!self
Now we can restart apache:
/etc/inid.d/httpd restart
Install of suphp is done.
Now it's time to configure plesk add suphp in hosts:
cd /usr/local/psa/bin
touch suphp_domain.sh
chown root:root
chmod 755
vi suphp_domain.sh
#!/bin/bash
sleep 30
echo '# PHP version detected 5' >> /var/www/vhosts/$1/conf/vhost.conf
echo '<IfModule mod_suphp.c>' >> /var/www/vhosts/$1/conf/vhost.conf
echo "<Directory \"/var/www/vhosts/$1/httpdocs/\">" >> /var/www/vhosts/$1/conf/vhost.conf
echo 'php_admin_flag engine on' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'suPHP_Engine On' >> /var/www/vhosts/$1/conf/vhost.conf
echo "suPHP_ConfigPath \"/var/www/vhosts/$1/httpdocs/\"" >> /var/www/vhosts/$1/conf/vhost.conf
echo 'AddHandler php5-script .php' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'AddHandler x-httpd-php .php5' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'suPHP_AddHandler php5-script .php' >> /var/www/vhosts/$1/conf/vhost.conf
echo '<Files php.ini>' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'order allow,deny' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'deny from all' >> /var/www/vhosts/$1/conf/vhost.conf
echo '</Files>' >> /var/www/vhosts/$1/conf/vhost.conf
echo 'php_value open_basedir "/tmp/"' >> /var/www/vhosts/$1/conf/vhost.conf
echo "php_value upload_tmp_dir \"/var/www/vhosts/$1/httpdocs/tmp/\"" >> /var/www/vhosts/$1/conf/vhost.conf
echo '</Directory>' >> /var/www/vhosts/$1/conf/vhost.conf
echo '</IfModule>' >> /var/www/vhosts/$1/conf/vhost.conf
/usr/local/psa/admin/bin/websrvmng -u --vhost-name=$1
/etc/init.d/httpd restart
touch suphp_subdomain.sh
chown root:root
chmod 755
vi suphp_subdomain.sh
#!/bin/bash
sleep 30
echo '# PHP version detected 5' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '<IfModule mod_suphp.c>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo "<Directory \"/var/www/vhosts/$1/subdomains/$2/httpdocs/\">" >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'php_admin_flag engine on' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'suPHP_Engine On' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo "suPHP_ConfigPath \"/var/www/vhosts/$1/subdomains/$2/httpdocs/\"" >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'AddHandler php5-script .php' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'AddHandler x-httpd-php .php5' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'suPHP_AddHandler php5-script .php' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '<Files php.ini>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'order allow,deny' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'deny from all' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '</Files>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo 'php_value open_basedir "/tmp/"' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo "php_value upload_tmp_dir \"/var/www/vhosts/$1/subdomains/$2/httpdocs/tmp/\"" >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '</Directory>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
echo '</IfModule>' >> /var/www/vhosts/$1/subdomains/$2/conf/vhost.conf
/usr/local/psa/admin/bin/websrvmng -u --vhost-name=$1
/etc/init.d/httpd restart
Files are ready. Now login to plesk and goto Server --> Event Manager --> Add New Event Handler
select event "Domain created", priority -> lowest, user -> root and in command insert:/usr/local/psa/bin/suphp_domain.sh <new_domain_name>
This will create config file for every new domain you create. The same we have to do for subdomain:
Server --> Event Manager --> Add New Event Handler, select event "Subdomain created", priority -> lowest, user -> root and in command insert:
/usr/local/psa/bin/suphp_subdomain.sh <new_domain_name> <new_subdomain_name
This will do the same for every subdomain.
Thats all, now you can easy install joomla, wordpress, gallery's and others without any problems with permissions in your new domains created in plesk. I don't know it is compatible with plesk 9.x.
If you already have domains with instaled aplications than you have to change permissions to use with suphp:
find . -type f -exec chmod 644 {} \;; find . -type d -exec chmod 755 {} \;; find . -exec chown <USER>
sacln {} \;; service httpd restartYou must change <USER> to your own domain user.
Use it at your own risk.
Thank to atomicrocketturtle.com, linuxhostingsupport.net and other which resourses was very usefull.
Indeed, but let's see, let's analyze.
1. To do this, you need to be a Linux guy, not advanced, but at least medium Linux guy. If not, you can screw up your server and then will cost to fix it.
2. Time spent (only if you have a lot) is around 2-3 hour, if you count it at 40USD/hour, for example, then is 80-120USD your job.
With Power Toys for 29USD is done the job and not mention that you have 10 tools inside
From my opinion, starter administrators or who does not have time ... I will let you to decide.
1. To do this, you need to be a Linux guy, not advanced, but at least medium Linux guy. If not, you can screw up your server and then will cost to fix it.
2. Time spent (only if you have a lot) is around 2-3 hour, if you count it at 40USD/hour, for example, then is 80-120USD your job.
With Power Toys for 29USD is done the job and not mention that you have 10 tools inside
From my opinion, starter administrators or who does not have time ... I will let you to decide.
D
darkscreamz
Guest
I followed the guide @ http://www.grafxsoftware.com/faq.php/HOW-TO-Setup-a-PLESK-Dedicated-Server/1/4/ to setup suphp on Ubuntu 8.04 with Plesk 8.6 and while initially I thought it was running OK it appears I've got an issue.
suphp runs fine for the users website root directory (e.g. /httpdocs), but doesn't appear to descend into sub-directories (e.g. /httpdocs/joomla).
e.g. If I run a php script in the root directory, it runs as the user as expected. If I run the same script in a sub-directory of that root directory it runs as apache...
Anyone got any idea why this would be occurring, happy to post configs if requested?
suphp runs fine for the users website root directory (e.g. /httpdocs), but doesn't appear to descend into sub-directories (e.g. /httpdocs/joomla).
e.g. If I run a php script in the root directory, it runs as the user as expected. If I run the same script in a sub-directory of that root directory it runs as apache...
Anyone got any idea why this would be occurring, happy to post configs if requested?
Similar threads
