Making Permissions Easier: suPHP or CGI
Making Permissions Easier: suPHP or CGI
By Paul
By Paul
Note: This article is applicable to Linux/Unix environments only, though a Windows expert may be able to discern which if any parts are applicable to that platform.
If you find yourself having to provide FTP information to WSN in order for things to work, or even manually chmoding if the FTP extension isn't available, this means that PHP is running as a different user from your FTP user. When you've uploaded a file via FTP, the script doesn't own it so it's unable to modify it until permissions are allocated. Also, when the script creates a file you're unable to edit it via FTP until the script allocates you permissions. To be blunt, this gets really annoying. Fortunately, there's a solution.
When you recompile PHP with suPHP enabled, or as CGI rather than apache, you'll get script-generated files owned by your FTP user. This gets rid of all the conficts. It allows you to relax and stop thinking about who owns what, forget about CHMODing, and always be able to edit files by FTP. You'll no longer need to give your FTP information to WSN. Also you'll have a more secure setup because things won't have to be set to 666/777 anymore.
You'll probably want to ask your web host about switching to suPHP, and see if they'll take care of it for you. Once transitioned, remove your FTP info from system settings and make sure you change the chmod value for directories from 777 to 755 at Admin -> Settings -> System in the admin panels of all installed copies of WSN scripts.
If you go it alone, or you're a web host reading this article, the actual addition of suPHP is easy enough with tools like Web Host Manager, but after it finishes you'll be left with file ownerships and permissions which are no longer appropriate. The result will be 403 forbidden errors everywhere. For each account on your server, login via SSH and go to its public_html directory. There, run these commands:
chown -R accountname:accountname *
(replace accountname with the applicable account name in the above)
find . -type d -exec chmod 755 {} \;
find . -type f -name '*.php*' -exec chmod 644 {} \;
These may take a while to run.
Print
E-Mail
ReportIf you find yourself having to provide FTP information to WSN in order for things to work, or even manually chmoding if the FTP extension isn't available, this means that PHP is running as a different user from your FTP user. When you've uploaded a file via FTP, the script doesn't own it so it's unable to modify it until permissions are allocated. Also, when the script creates a file you're unable to edit it via FTP until the script allocates you permissions. To be blunt, this gets really annoying. Fortunately, there's a solution.
When you recompile PHP with suPHP enabled, or as CGI rather than apache, you'll get script-generated files owned by your FTP user. This gets rid of all the conficts. It allows you to relax and stop thinking about who owns what, forget about CHMODing, and always be able to edit files by FTP. You'll no longer need to give your FTP information to WSN. Also you'll have a more secure setup because things won't have to be set to 666/777 anymore.
You'll probably want to ask your web host about switching to suPHP, and see if they'll take care of it for you. Once transitioned, remove your FTP info from system settings and make sure you change the chmod value for directories from 777 to 755 at Admin -> Settings -> System in the admin panels of all installed copies of WSN scripts.
If you go it alone, or you're a web host reading this article, the actual addition of suPHP is easy enough with tools like Web Host Manager, but after it finishes you'll be left with file ownerships and permissions which are no longer appropriate. The result will be 403 forbidden errors everywhere. For each account on your server, login via SSH and go to its public_html directory. There, run these commands:
chown -R accountname:accountname *
(replace accountname with the applicable account name in the above)
find . -type d -exec chmod 755 {} \;
find . -type f -name '*.php*' -exec chmod 644 {} \;
These may take a while to run.
Rating:
5/5 based on 1 vote. The median rating is 5.
Rate this article:
Submitted: 01/18/08 (Edited 06/26/08)
Description: There are major advantages to using either suPHP or CGI, but the changeover is a complicated process.
Views:
105 views. Averaging 1 per day.
In the most recent 30 day period, there've been 5 views.