hi guys.. want to confirm if the permission levels i am setting in my hosting account safe.. I set the root and all the folders under it with permissions to the server user as read and execute. However, i set read, write and execute permissions for cache, cache_public and tmp folders.. is this permission setup adequate yet safe?
Thanks!
|
Depends on what way you are running apache: dso, suphp, fastcgi ..... https://dolphin-techs.com - Skype: Dolphin Techs |
Depends on what way you are running apache: dso, suphp, fastcgi .....
Since you mentioned this, I asked about this in my Server reloaded with WHM/cPanel-Dolphin crying 500 post. I set it on dso since I got no answers on that topic. What do you recommend?
Geeks, making the world a better place |
Well like i said ... i run nginx, fastcgi, apc on some of my builds and run 755, 644 permissions. https://dolphin-techs.com - Skype: Dolphin Techs |
I was trying to set things to get the most out of the build. It seems to me the site is loading a bit slower than it did on my Nginx/PHP-FPM build. Geeks, making the world a better place |
Hello
This indeed depends on the configuration. When running dso, I would recommend you enabling mod_ruid2. That way files can be executed from your cPanel user and you can keep the 755 permissions for folders and 644 for files.
More information about mod_ruid2 is available at:
http://docs.cpanel.net/twiki/bin/view/EasyApache3/ModRuid2
|
If you want i can log back into the server and tweak a bit to improve speed. https://dolphin-techs.com - Skype: Dolphin Techs |
| Apache 2.4.7 |
| [More Info ↑] |
Access |
| [More Info ↑] |
Actions |
| [More Info ↑] |
Alias |
| [More Info ↑] |
AuthnDefault |
| [More Info ↑] |
AuthzHost |
| [More Info ↑] |
Autoindex |
| [More Info ↑] |
Cache |
| [More Info ↑] |
DIR |
| [More Info ↑] |
Deflate |
| [More Info ↑] |
Disk Cache |
| |
This option will make the following changes to your profile prior to the build:
Enables:
Cache
|
| [More Info ↑] |
Expires |
| [More Info ↑] |
File Cache |
| |
Fileprotect |
| |
Prevent Users from reading other webroots |
| [More Info ↑] |
Headers |
| [More Info ↑] |
Log Config |
| [More Info ↑] |
MPM Event |
| |
PHP may not be run as an Apache DSO (mod_php) while this MPM is in use |
| [More Info ↑] |
Mime |
| [More Info ↑] |
Negotiation |
| [More Info ↑] |
Mod SuPHP |
| |
This option will make the following changes to your profile prior to the build:
Enables:
CGI
|
| [More Info ↑] |
Proxy |
| |
required for cPanel/WHM/Webmail/Webdisk proxy VirtualHost support |
| [More Info ↑] |
Setenvif |
| [More Info ↑] |
Status |
| |
Symlink Race Condition Protection |
| [More Info ↑] |
UniqueId |
| [More Info ↑] |
Userdir |
| [More Info ↑] |
Mod Security |
| |
v2.7.7 for Apache 2.2 and 2.4 This option will make the following changes to your profile prior to the build:
Enables:
UniqueId
|
| [More Info ↑] |
EAccelerator for PHP |
| |
v0.9.6.1 - caches compiled PHP pages ONLY when running in a persistent (DSO/FCGID) manner |
| |
| PHP 5.4.25 |
| [More Info ↑] |
Bcmath |
| [More Info ↑] |
Calendar |
| [More Info ↑] |
CurlSSL |
| |
This option will make the following changes to your profile prior to the build:
Disables:
Curl
|
| [More Info ↑] |
Exif |
| [More Info ↑] |
FTP |
| [More Info ↑] |
GD |
| |
This option will make the following changes to your profile prior to the build:
Enables:
Zlib
|
| [More Info ↑] |
Gettext |
| [More Info ↑] |
Imap |
| [More Info ↑] |
Mbstring |
| [More Info ↑] |
Mcrypt |
| [More Info ↑] |
Mysql |
| |
compile MySQL support using the PHP bundled libraries (if the System MySQL option is checked it takes precedence over this option) |
| [More Info ↑] |
Mysql of the system |
| |
compile mysql (and mysqli if its checked) support against the system libraries |
| [More Info ↑] |
MySQL "Improved" extension. |
| |
MySQLi does not replace the standard MySQL extension. Requires MySQL 4.1 or later. !! mysqli may not work on all systems, contact your support provider for mysqli support !! |
| [More Info ↑] |
Openssl |
| |
Requires OpenSSL 0.9.7 or newer |
| [More Info ↑] |
PDO |
| |
Includes SQLite support. MySQL support is available. If you plan on installing or updating PDO drivers (freetds, oracle, etc) via PECL you might want to skip this option as PECL will install the version of PDO it has. This option will make the following changes to your profile prior to the build:
Enables:
SQLite3
|
| [More Info ↑] |
PDO MySQL |
| |
This option will make the following changes to your profile prior to the build:
Enables:
PDO
|
| |
Path Info Check |
| [More Info ↑] |
PGsql |
| |
Requires PostgreSQL 7.3 or higher to already be installed. You can do that with /scripts/installpostgres |
| |
Safe PHP CGI |
| |
prevents users from overriding system php.ini |
| [More Info ↑] |
Sockets |
| [More Info ↑] |
System Timezone |
| |
Use system timezone data in /usr/share/zoneinfo instead of PHP timezonedb |
| [More Info ↑] |
TTF (FreeType) |
| [More Info ↑] |
XSL |
| [More Info ↑] |
XmlRPC |
| [More Info ↑] |
Zip |
| [More Info ↑] |
Zlib |
| |
Requires that zlib is installed and up to date |
| |
Save my profile with appropriate PHP 5 options set so that it is compatible with cpphp |
| |
This option will make the following changes to your profile prior to the build:
Enables:
CurlSSL
FTP
GD
Gettext
Iconv
Imap
Mbregex
Mbstring
Mysql
Mysql of the system
PGsql
Sockets
System Timezone
Zlib
Disables:
MailHeaders
|
caredesign.net |
If you want i can log back into the server and tweak a bit to improve speed.
Oh yeah, we were going to look over things. If you don't mind doing that.
I was asking for the second WHM/cPanel server, not the one we did the restore on. However, he told me that he had been trying to do some tweaks so if you have the time, yes, please look over the settings and see if anything is not as it should be.
Geeks, making the world a better place |
Hello
This indeed depends on the configuration. When running dso, I would recommend you enabling mod_ruid2. That way files can be executed from your cPanel user and you can keep the 755 permissions for folders and 644 for files.
More information about mod_ruid2 is available at:
http://docs.cpanel.net/twiki/bin/view/EasyApache3/ModRuid2
Yes, on the new server I did have to set some permission outside of what I normally do. I will read up on mod_ruid2.
Geeks, making the world a better place |
Ok email the info for the second server as well. https://dolphin-techs.com - Skype: Dolphin Techs |
@tmd - could you give more explanation as to what the mod_ruid2 does. I had DSO with Eaccelerator, but never the mod_ruid and all worked well. Will it enhance performance any? caredesign.net |
