Converting Your PHP Handler from DSO to suPHP (cPanel on CentOS)

[Miraenda]

In order to convert your server from DSO to suPHP for the PHP Handler, you may wish to follow these steps.

Switch to suPHP Handler

If your server's EasyApache already had suPHP compiled, you can do this in WHM > Apache Configuration > PHP and SuExec Configuration area. There will be a dropdown next to your PHP version with suphp listed to select it. Simply choose suphp, then click "Save New Configuration" button.

If suPHP is not listed for the handler, you will have to recompile Apache to include it first. This can be done either in WHM > EasyApache (Apache Update) area or using the command /scripts/easyapache in root SSH. During EasyApache, you will find suPHP listed in the Short Options List as Mod SuPHP. After Apache has finished recompiling, the suPHP should then show up now in WHM > Apache Configuration > PHP and SuExec Configuration area to select.

After you've changed the PHP handler to suPHP, you can then follow the rest of the steps to convert the accounts to properly work under it.

Change all permissions for folders from 777 to 755

The following command will change the folders inside public_html for all accounts to 755, it doesn't just list the ones needing changed:

Code:

find /home/*/public_html -type d -exec chmod 755 {} \;

Change all permissions for files from 666 to 644

The following command will change the files inside public_html for all accounts to 644, it doesn't just list the ones needing changed:

Code:

find /home/*/public_html -type f -exec chmod 644 {} \;

Fix ownership to public_html contents to user:user (rather than user:nobody), but keep top level of public_html as user:nobody

Code:

for i in `ls /var/cpanel/users/`; do chown -R $i:$i /home/$i/public_html ; done
for i in `ls /var/cpanel/users/`; do chown $i:nobody /home/$i/public_html ; done
for i in `ls /var/cpanel/users/`; do chown $i:nobody /home/$i/public_html/_vti_pvt ; done

The first command recursively chowns all files and folders inside public_html to the users found in /var/cpanel/users folder. The second command puts the top-level of public_html as user:nobody as it needs to remain that setting. The last command changes the FrontPage extensions folder _vti_pvt in public_html to user:nobody as well, since it likewise needs that permission.

A strong word of caution here on using a recursive chown for these ownership permissions. If you have other users on your system with shell access besides yourself, please see this location for why to be careful about using a recursive chown to fix these ownership issues. Use the steps noted at this post as a guide for how to fix such ownership issues.

Remove any php_value and php_flag entries in .htaccess files as they will produce an Internal Server Error if in an account's .htaccess file.

Here are the commands to find all such files:

Code:

find /home -type f -name '.htaccess' -exec grep -Hrn 'php_value' '{}' \;
find /home -type f -name '.htaccess' -exec grep -Hrn 'php_flag' '{}' \;

The above commands will only find these files, it will not change or remove the lines, which you'd need to remove them manually. After those php_flag and php_value lines have been removed from any .htaccess, then any accounts needing the values set in their own php.ini file could be done using:

Code:

cp /usr/local/lib/php.ini /home/username/public_html/php.ini
chown username:username /home/username/public_html/php.ini

Then edit the php.ini file to change to the new values, and point the .htaccess on that account to use that php.ini file:

Code:

suPHP_ConfigPath /home/username/public_html/

In these examples, replace username with the actual cPanel username.