Cpanel/WHM ways to configure PHP
DSO — Provides PHP through libphp4.so or libphp5.so (aka, mod_php). This option is usually the fastest way to execute PHP requests; however, this option uses the system user called “nobody” to serve all PHP requests.
suPHP — Provides PHP through mod_suphp. Using this option is probably the most flexible way of serving PHP requests and is generally very secure. Under this option, PHP scripts will be executed by the user who owns the VirtualHost serving the request.
FCGI — This option serves PHP through mod_fcgid. This is a fast way of serving PHP requests but will most likely require that you tweak php.conf. You can enable suEXEC to execute PHP scripts under the user who owns the VirtualHost that is serving the request or, if suEXEC is disabled, PHP will be served by the system user ‘nobody’.
Error: “PEAR: command not found”
If you build PHP with PEAR, and the script pear does not exist on your server, this is what happened:
At some point, /usr/local/bin/pear and/or /usr/bin/pear were manually removed.
The directories /usr/local/lib/php/.registry and/or /usr/lib/php/.registry exist.
During PHP’s make install, the existence of those .registry directories cause the PEAR shell archive to think PEAR is already installed, so it skips the remainder of the PEAR build. Therefore, the bin/ files are not rebuilt.
However, if you move or delete the .registry files so that the build will complete, you lose the data about PEAR modules installed on the system.
How to resolve this issue.
The best course of action is to download the PEAR tarball from http://pear.php.net/package/PEAR/download to obtain the bin/ that is missing on your server, and place it in the proper location on your system.
Reference : http://cpanel.net & http://pear.php.net/
More about phpextensionmgr
# /scripts/phpextensionmgr –help
phpextensionmgr [options] [action] [extension]
Options:
–help Help message
–prefix Installation prefix for PHP (normally /usr/local or /usr/local/php4)
Actions:
install Install or update the extension
uninstall Uninstall the extension
status Display the installation status of the extension
list Show available extensions
How to list available extensions:
# /scripts/phpextensionmgr list
Available Extensions:
EAccelerator
IonCubeLoader
Zendopt
SourceGuardian
PHPSuHosin
Cpanel php extensionmgr
EasyApache has the ability to install, uninstall, and update several popular PHP extensions as part of the build process. When EasyApache runs, it will automatically determine which extensions are active in the main php.ini file at /usr/local/lib/php.ini. Active extensions will automatically be selected in the EasyApache interface.
Rerunning EasyApache is not required in order to enable or disable the standard PHP extensions. cPanel now provides a tool called /scripts/phpextensionmgr that can also be used for the installation or removal of PHP extensions. For detailed information about this tool, run the following command:
/scripts/phpextensionmgr –help
Example: Install
/scripts/phpextensionmgr install EAccelerator
Example: Uninstall
/scripts/phpextensionmgr uninstall EAccelerator
Reference : http://cpanel.net/
Run PHP as user instead of as the web server user nobody.
suPHP is a tool for executing PHP scripts with the permissions of their owners.
It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.
You can run PHP as the user (like CGI scripts do with Apache’s suEXEC), with EasyApache’s PHP As User option. This will enable suPHP, greatly improving the permissions situation.
Vulnerable scripts will be limited to the user in question, and are less likely to affect other users. It also changes how PHP interacts with Apache; for example, directives like php_$value are not valid for mod_suphp.
mod_suphp is considerably slower than mod_php.
PHP runs as part of the web server so that, among other things, certain tasks can be done once and held in memory instead of repeated with each request. This helps to speed the server’s performance, and requires that PHP run as the web server’s user “nobody.”
Since that is the case, PHP and directory permissions generally need to be very loose, so PHP can manipulate things. This can allow any user to employ a PHP script to read and write other users’ data. At times, a flaw in PHP can even allow a PHP script to gain root access or take over data in requests on other users’ PHP scripts.
Reference : http://www.suphp.org/
: http://cpanel.net/
