This is to inform you that due to Server-wide security concern of the Linux server we have compiled PHP in SuPHP mode which is more secure mode compare to another two mode (ie. DSO, CGI), previously PHP was running with DSO mode.
PROS for SuPHP
- Security -
With SuPHP enabled, all scripts are run as the user. If you have a website with vulnerable scripts being manipulated by unathorized/undesired users then such scripts will run as the user and will be easier to trace.
- Performance -
Ability to easily tell what users' web applications are using up system resources as every application will be run as its user/owner.
CONS for SuPHP
- On a server with a lot of sites, it's inevitable that you encounter a few problems where website scripts haven't been changed to the appropriate permissions and thus will not run. Contents of the users web directory must be recursively Chowned to user:user. PHP scripts needs to be CHMOD 644 or less. CGI scripts need to be CHMOD 755 or less. Directories need to be CHMOD 755 or less.
- ‘php_value’ or ‘php_flag’ statement delineated in .htaccess file will not work so please comment out those line which started from ‘php_value’ or ‘php_flag’
We regret any inconvenience faced and look forward to your kind co-operation as always as these steps were taken to promise you a secured hosting service.
Please feel free to mail us at email@example.com for any further assistance or clarifications.
Posted on: Thursday, 10th December 2009 12:47 AM