AKIS Servers – Coming Soon:”suPHP”
We will soon be rolling out “suPHP” across all servers which will not only provide an added layer of security but equally importantly will enable PHP scripts to run under your account username instead of the ‘nobody’ user which is the default Apache/Web server user. This brings about many benefits which include, but is not limited to:
- All files and folders generated via HTTP (such as blog and CMS content uploads and generation, including WordPress) will be owned by the correct user instead of ‘nobody’
- More efficient process control (how many can run at once, how long the processes can run for, the amount of CPU and memory each process can take)
- Enhanced security between user accounts
- Display accurate disk usage on quota calculations
- More efficient abuse tracking for processes running spam scripts or attack bots
suPHP additionally removes the requirement of using 777 permissions on files and directories that need the write permission assigned. In fact, a directory or file that is set to permission level of 777 will display an internal server 500 error when being accessed via a web browser. The top level of permissions that a user can assign in a suPHP environment is 755.
With suPHP the correct permissions should be:
Writable Folders: 755
Writable Files: 644
Files that need to be un-writable: 444
No longer will you need to submit support requests to change (chown) files to the correct user, which saves you the hassle of opening a ticket.
The most common situation, and so most common question, will be:
“What will happen to accounts/directories/files that already have 777 permissions in place?“
The answer is that we will be using scripts to automatically take care of any required permissions changes and htaccess rules conversion (to user php.ini). Files/folders with chmod 777 will be change to reflect the correct permissions.
We are currently in the final stages of testing this in a live environment and will be looking to roll this out across all servers in a few weeks time if all goes as planned and our live trials are deemed a success. As the time nears we will post additional information on what changes can be expected – stay tuned!