Making Permissions Easier: suPHP
Making Permissions Easier: suPHP
By Paul
5/5 based on 1 vote. The median rating is 5.
By Paul
Note: This article is applicable to Linux/Unix environments only, though a Windows expert may be able to discern which if any parts are applicable to that platform.
If you find yourself having to provide FTP information to WSN in order for things to work, or even manually chmoding if the FTP extension isn't available, or unable to change things via FTP after running an autoinstall, this means that PHP is running as a different user from your FTP user. Having your files owned by two different users makes things a pain when you want to access files with the other user. It's workable, but frankly really annoying. Fortunately, there's a better solution.
When you recompile PHP with suPHP enabled, you'll get script-generated files owned by your FTP user. This gets rid of all the conflicts. It allows you to relax and stop thinking about who owns what, forget about CHMODing, and always be able to edit files by FTP. You'll no longer need to give your FTP information to WSN. Also you'll have a more secure setup because things won't have to be set to 666/777 anymore.
You'll probably want to ask your web host about switching to suPHP, and see if they'll take care of it for you. Note: for WSN 4.1 series installs, after the changeover you'll need to go to Admin Panel -> Settings -> System Settings and change the selection from 777 to 775 permissions for directories there... WSN 5.0 handles this automatically for you.
If you go it alone, or you're a web host reading this article, the actual addition of suPHP is easy enough with tools like Web Host Manager (just check the suPHP box on the PHP recompilation page), but after it finishes you'll be left with file ownerships and permissions which are no longer appropriate. The result will be 403 forbidden errors everywhere. For each account on your server, login as root via SSH and go to its public_html directory. There, run these commands:
chown -R accountname:accountname *
(replace accountname with the applicable account name in the above)
find . -type d -exec chmod 755 {} ;
find . -type f -name '*.php*' -exec chmod 644 {} ;
These may take a while to run.
One could presumably find/write a better shell script that handles all accounts at once.
Print
E-Mail
ReportIf you find yourself having to provide FTP information to WSN in order for things to work, or even manually chmoding if the FTP extension isn't available, or unable to change things via FTP after running an autoinstall, this means that PHP is running as a different user from your FTP user. Having your files owned by two different users makes things a pain when you want to access files with the other user. It's workable, but frankly really annoying. Fortunately, there's a better solution.
When you recompile PHP with suPHP enabled, you'll get script-generated files owned by your FTP user. This gets rid of all the conflicts. It allows you to relax and stop thinking about who owns what, forget about CHMODing, and always be able to edit files by FTP. You'll no longer need to give your FTP information to WSN. Also you'll have a more secure setup because things won't have to be set to 666/777 anymore.
You'll probably want to ask your web host about switching to suPHP, and see if they'll take care of it for you. Note: for WSN 4.1 series installs, after the changeover you'll need to go to Admin Panel -> Settings -> System Settings and change the selection from 777 to 775 permissions for directories there... WSN 5.0 handles this automatically for you.
If you go it alone, or you're a web host reading this article, the actual addition of suPHP is easy enough with tools like Web Host Manager (just check the suPHP box on the PHP recompilation page), but after it finishes you'll be left with file ownerships and permissions which are no longer appropriate. The result will be 403 forbidden errors everywhere. For each account on your server, login as root via SSH and go to its public_html directory. There, run these commands:
chown -R accountname:accountname *
(replace accountname with the applicable account name in the above)
find . -type d -exec chmod 755 {} ;
find . -type f -name '*.php*' -exec chmod 644 {} ;
These may take a while to run.
One could presumably find/write a better shell script that handles all accounts at once.
Rating:
5/5 based on 1 vote. The median rating is 5.
Submitted: 01/18/08 (Edited 08/26/08)
Description: There are major advantages to using suPHP, but the changeover is a complicated process.
Views:
192 views. Averaging 1 per day.
In the most recent 30 day period, there've been 10 views.