faqts : Computers : Programming : Languages : PHP : Installation and Setup : Security

+ Search
 Add Entry AlertManage Folder Edit Entry Add page to http://del.icio.us/
Did You Find This Entry Useful?

21 of 66 people (32%) answered Yes
Recently 3 of 10 people (30%) answered Yes

Entry

how to setup Apache to use PHP CGI with VirtualHosting and suEXEC?
How do you keep the #!/usr/local/bin/php from displaying on the page?

Apr 9th, 2001 22:59
Michel Jansens, Nathan Wallace, Amen Mok, Jack Beidler, 


1. Make shure Apache is configured with suexec. If you want to set a 
particular user for some virtual host use the User and group directives 
in the virtualhost directive in your httpd.conf.

    Check it with this csh script in your cgi-bin:
  		#!/bin/csh
		echo "Content-type:text/html\n\n"
		echo "running as:"
		/usr/bin/whoami

2. configure php with ./configure --enable-discard-path (WITHOUT the 
enable-force-cgi-redirect.) and put it somewhere outside your web tree 
(eg /usr/local/bin/php)

3. Add the line: #!/usr/local/bin/php
    in the first line of all your php scripts.

4. All your php script must be in a ScriptAlias zone (eg cgi-bin)

5. the php file and parent directory must be writeable only to the 
specific user (and group) on which you want to suexec to run as.

6. check all this with the php script:

    #!/usr/local/bin/php
    <?php
      system("/usr/bin/whoami");
     ?>