Easy Apache 3 & PHP
cPanel recommends that only one version of PHP is selected so that configuration and management is simplified.
When only one version of PHP is installed, a CGI binary is installed to /usr/bin/php and a CLI binary is installed to /usr/local/bin/php.
When both PHP4 and PHP5 are enabled, PHP5 will be installed to the standard locations /usr/bin/php and /usr/local/bin/php. PHP4 will be installed in /usr/php4/bin/php and /usr/local/php4/bin/php.
EasyApache 3 includes the ability to install, uninstall or update several popular PHP extensions as part of the Apache and PHP build process. When EasyApache runs it will automatically determine which extensions are active in main php.ini file at /usr/local/lib/php.ini. Active extensions will automatically be selected in the EasyApache 3 interface.
Rerunning EasyApache 3 is not required to enable or disable the standard PHP extensions. cPanel 11 provides a tool called /scripts/phpextensionmgr that can also be used for installation or removal.
Run the below command for detailed information.
/scripts/phpextensionmgr –help
1. Create a file with the following content:
<?php
phpinfo();
?>
and then save it into the $HTTPD_VHOSTS_D/domain.tld/httpdocs folder as 1.php (the name may be different, only .php should be existed)
2. Open the file via browser:
http://your-domain.com/1.php
Note! The PHP support should be enabled for the domain.
On the page the standard PHP diagnostic table should be existed.
Cpanel/WHM ways to configure PHP
DSO — Provides PHP through libphp4.so or libphp5.so (aka, mod_php). This option is usually the fastest way to execute PHP requests; however, this option uses the system user called “nobody” to serve all PHP requests.
suPHP — Provides PHP through mod_suphp. Using this option is probably the most flexible way of serving PHP requests and is generally very secure. Under this option, PHP scripts will be executed by the user who owns the VirtualHost serving the request.
FCGI — This option serves PHP through mod_fcgid. This is a fast way of serving PHP requests but will most likely require that you tweak php.conf. You can enable suEXEC to execute PHP scripts under the user who owns the VirtualHost that is serving the request or, if suEXEC is disabled, PHP will be served by the system user ‘nobody’.
Cpanel php extensionmgr
EasyApache has the ability to install, uninstall, and update several popular PHP extensions as part of the build process. When EasyApache runs, it will automatically determine which extensions are active in the main php.ini file at /usr/local/lib/php.ini. Active extensions will automatically be selected in the EasyApache interface.
Rerunning EasyApache is not required in order to enable or disable the standard PHP extensions. cPanel now provides a tool called /scripts/phpextensionmgr that can also be used for the installation or removal of PHP extensions. For detailed information about this tool, run the following command:
/scripts/phpextensionmgr –help
Example: Install
/scripts/phpextensionmgr install EAccelerator
Example: Uninstall
/scripts/phpextensionmgr uninstall EAccelerator
Reference : http://cpanel.net/
Run PHP as user instead of as the web server user nobody.
suPHP is a tool for executing PHP scripts with the permissions of their owners.
It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.
You can run PHP as the user (like CGI scripts do with Apache’s suEXEC), with EasyApache’s PHP As User option. This will enable suPHP, greatly improving the permissions situation.
Vulnerable scripts will be limited to the user in question, and are less likely to affect other users. It also changes how PHP interacts with Apache; for example, directives like php_$value are not valid for mod_suphp.
mod_suphp is considerably slower than mod_php.
PHP runs as part of the web server so that, among other things, certain tasks can be done once and held in memory instead of repeated with each request. This helps to speed the server’s performance, and requires that PHP run as the web server’s user “nobody.”
Since that is the case, PHP and directory permissions generally need to be very loose, so PHP can manipulate things. This can allow any user to employ a PHP script to read and write other users’ data. At times, a flaw in PHP can even allow a PHP script to gain root access or take over data in requests on other users’ PHP scripts.
Reference : http://www.suphp.org/
: http://cpanel.net/
