Archive for the tag 'web server'

Run PHP as user instead of as the web server user nobody.

suPHP is a tool for executing PHP scripts with the permissions of their owners.

It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.

You can run PHP as the user (like CGI scripts do with Apache’s suEXEC), with EasyApache’s PHP As User option. This will enable suPHP, greatly improving the permissions situation.

Vulnerable scripts will be limited to the user in question, and are less likely to affect other users. It also changes how PHP interacts with Apache; for example, directives like php_$value are not valid for mod_suphp.

mod_suphp is considerably slower than mod_php.

PHP runs as part of the web server so that, among other things, certain tasks can be done once and held in memory instead of repeated with each request. This helps to speed the server’s performance, and requires that PHP run as the web server’s user “nobody.”

Since that is the case, PHP and directory permissions generally need to be very loose, so PHP can manipulate things. This can allow any user to employ a PHP script to read and write other users’ data. At times, a flaw in PHP can even allow a PHP script to gain root access or take over data in requests on other users’ PHP scripts.

References: http://www.suphp.org/ and http://cpanel.net/
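As an added example that is not part of the original post, a small Python audit that walks a virtual host's document root and flags the loose permissions the post describes: world-writable entries (what running PHP as nobody pushes admins towards) and entries not owned by the site's own user. The document root it inspects is a constructed fixture built in a temporary directory, not real site data.

```python
import os
import stat
import tempfile


def audit_vhost_tree(root, expected_uid=None):
    """Walk a vhost docroot and report entries that defeat per-user isolation:
    world-writable files/dirs (what PHP running as 'nobody' pushes admins
    towards) and entries not owned by the site's own user.
    Returns a sorted list of (relative_path, problem) tuples."""
    if expected_uid is None:
        expected_uid = os.getuid()
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks out of the tree
            rel = os.path.relpath(path, root)
            if st.st_mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            if st.st_uid != expected_uid:
                findings.append((rel, "not owned by vhost user"))
    return sorted(findings)


def build_sample_tree():
    """Constructed fixture, not real site data: a tiny docroot with one
    world-writable uploads directory and one 0644 script. Returns its path."""
    root = tempfile.mkdtemp(prefix="vhost_demo_")
    uploads = os.path.join(root, "uploads")
    os.mkdir(uploads)
    os.chmod(uploads, 0o777)  # the loose mode PHP-as-nobody setups end up with
    script = os.path.join(root, "index.php")
    with open(script, "w") as f:
        f.write("<?php echo 'hello'; ?>\n")
    os.chmod(script, 0o644)  # readable by the owner's interpreter, not writable by others
    return root


if __name__ == "__main__":
    demo_root = build_sample_tree()
    for rel, problem in audit_vhost_tree(demo_root):
        print(f"{problem}: {rel}")
```

Run it against a real document root with the site owner's uid as expected_uid; under suPHP the target state is no findings at all.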

LiteSpeed Web Server Installation Steps

Installation Instructions for LiteSpeed Web Server.

Download From : http://www.litespeedtech.com/litespeed-web-server-downloads.html

1. Extract the package in a convenient location by using

tar xvfz lsws-XXXX.tar.gz

or

gunzip -c lsws-XXXX.tar.gz | tar xvf -

if you are not using GNU tar.

2. Type

cd lsws-XXXX

3. If you want to install to a system directory, you need to become root first.

Type

./install.sh

4. Follow the instructions on the screen.

Including Directives into Web Server Configuration File - Plesk

Note: you can change the location of the virtual host directories using the transvhosts.pl utility, which is located in either the /usr/local/psa/bin/ or the /opt/psa/bin/ directory, depending on your operating system.

You can include domain-specific Apache configuration directives in the web server configuration file. In Parallels Plesk Panel, each domain's virtual host configuration is stored in a separate file, httpd.include.

On all Linux systems, this file is located in the directory /var/www/vhosts/domain-name/conf/.

On FreeBSD systems, this file is located in the directory /usr/local/psa/home/vhosts/domain-name/conf/.

To use custom directives or redefine those inserted by Parallels Plesk Panel, create the file vhost.conf or vhost_ssl.conf containing the necessary directives in the directory /path_to_vhosts/domain-name/conf/ for a domain, or /path_to_vhosts/domain-name/subdomains/subdomain-name/conf/ for a subdomain.

Resource: http://parallels.com/Plesk/

If you are going to host more than 300 domains or web sites on your server, you should switch on support for piped logs in the Apache Web Server.

To enable piped logs:

1. Log in to the server shell.

2. Issue the command

mysql -uadmin -p`cat /etc/psa/.psa.shadow` -D psa -e "replace into misc (param,val) values ('apache_pipelog', 'true');"

3. Rebuild the Apache configuration by issuing the command

/usr/local/psa/admin/sbin/websrvmng -a -v

Source from Plesk.

SBDavid

Nikto - web server assessment tool

nikto - web server security scanner

Nikto is a web server assessment tool. It is designed to find various default and insecure files, configurations and programs on any type of web server.

Requirements

Any system which supports a basic PERL installation should allow Nikto to run. It has been extensively tested on. For SSL support the Net::SSLeay PERL module must be installed (which in turn requires OpenSSL on the Unix platform).

The nmap scanner can also be used, if desired. In some cases using nmap will slow down Nikto execution, as it must call an external program. For scanning many ports across one or more servers, using nmap will be faster than using Nikto’s internal PERL scanning.

PERL: http://www.cpan.org/
LibWhisker: http://www.wiretrip.net/
ActiveState Perl: http://www.activestate.com/
OpenSSL: http://www.openssl.org/
nmap: http://insecure.org/

Download

http://cirt.net/nikto/nikto-current.tar.gz

Unpack the download file:

tar -xzvf nikto-current.tar.gz

Basic Testing

The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.0.1 on TCP port 80:

perl nikto.pl -h 192.168.0.1

To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:

perl nikto.pl -h 192.168.0.1 -p 443

Hosts, ports and protocols may also be specified by using a full URL syntax, and it will be scanned:

perl nikto.pl -h https://192.168.0.1:443/

There is no need to specify that port 443 may be SSL, as Nikto will first test regular HTTP and if that fails, HTTPS. If you are sure it is an SSL server, specifying -s (-ssl) will speed up the test.
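As an added example that is not part of the original post, the defender's side of the same tool: a Python check that reads Apache combined-format access log lines and flags clients whose User-Agent names Nikto, or that produce a burst of 404 responses, which a scan of hundreds of well-known paths generates against any server that lacks most of them. The log lines are constructed samples; Nikto's User-Agent can be changed in its configuration, so the 404-burst rule is the one to rely on.

```python
import re
from collections import defaultdict

# Apache "combined" log format:
# ip ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines, not a real server's log: five requests from a
# Nikto-style scanner followed by one ordinary visitor for contrast.
SAMPLE_LOG = """\
192.168.0.50 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:Port Check)"
192.168.0.50 - - [10/Oct/2023:13:55:37 +0000] "GET /cgi-bin/ HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000001)"
192.168.0.50 - - [10/Oct/2023:13:55:37 +0000] "GET /admin/ HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000002)"
192.168.0.50 - - [10/Oct/2023:13:55:38 +0000] "GET /test/ HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000003)"
192.168.0.50 - - [10/Oct/2023:13:55:38 +0000] "GET /old/ HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000004)"
10.0.0.7 - - [10/Oct/2023:13:56:01 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/118.0"
"""


def detect_scanners(log_text, not_found_threshold=4):
    """Return {ip: [reasons]} for clients that look like Nikto-style scanners:
    a User-Agent naming Nikto, or at least not_found_threshold 404 responses
    (a scan probes many well-known paths, most of which do not exist here)."""
    ua_hits = set()
    not_found = defaultdict(int)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; ignore rather than crash
        ip = m.group("ip")
        if "nikto" in m.group("ua").lower():
            ua_hits.add(ip)
        if m.group("status") == "404":
            not_found[ip] += 1
    reasons = defaultdict(list)
    for ip in sorted(ua_hits):
        reasons[ip].append("User-Agent identifies Nikto")
    for ip, n in sorted(not_found.items()):
        if n >= not_found_threshold:
            reasons[ip].append(f"{n} responses with status 404")
    return dict(reasons)


if __name__ == "__main__":
    for ip, why in detect_scanners(SAMPLE_LOG).items():
        print(ip, "->", "; ".join(why))
```

On a real log, raise not_found_threshold to suit the site's normal 404 rate and window the count by time so a long-lived legitimate client does not trip it.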