Tuesday, 16 October 2012

Installation Of SUPHP From Source




suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter. This release fixes a bug causing problems with symbol links in the script path, which was introduced with the 0.7.0 release.

Installation 

1) First we download and extract suPHP-0.71
                        2) cd suPHP-0.71
                        3) ./configure --prefix=/usr/local --with-apxs=/usr/local/apache2/bin/apxs --with-
logfile=/var/log/http/suphp_log --sysconfdir=/etc --with-apr=/usr/local/apache2/bin/apr-1-config
--with-php=/usr/local/php/bin/php-cgi
                       4) make
                       5) make install
                       6) Then add the content into httpd.conf file
AddHandler x-httpd-php .php .php3 .php4 .php5 .phtml
<VirtualHost 192.168.1.110:80>
DocumentRoot /home/www/www
ServerName test007.server.com
suPHP_AddHandler x-httpd-php
suPHP_Engine on
suPHP_ConfigPath /etc/
ErrorLog /var/log/http/suphp_log
suPHP_UserGroup www www
</VirtualHost>
                       7) Add the file in /etc/suphp.conf
[global]
;Path to logfile
logfile=/var/log/http/suphp_log
;Loglevel
loglevel=info
;User Apache is running as
webserver_user=daemon
;Path all scripts have to be in
docroot=/home/www/www
;Path to chroot() to before executing script
chroot=/mychroot
; Security options
allow_file_group_writeable=false
allow_file_others_writeable=false
allow_directory_group_writeable=false
allow_directory_others_writeable=false
;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=true
;Send minor error messages to browser
errors_to_browser=true
;PATH environment variable
env_path=/bin:/usr/bin
;Umask to set, specify in octal notation
umask=0077
; Minimum UID
;min_uid=500
; Minimum GID
;min_gid=500
[handlers]
;Handler for php-scripts
x-httpd-php="php:/usr/local/php/bin/php-cgi"
;Handler for CGI-scripts
x-suphp-cgi="execute:!self"
8) chmod 705 www
9) chmod 644 www/info.php
10) restorecon info.php
11) cd /www
12) chown www:www info.php
13) chown www:www /home/www/www/*
14) http://test007.server.com/index.php  
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)