Php run as User

777 – Do I need directories set to this? My install script says that I do.

No, you do not need to have directories or files set to 777, even if your installation documents tell you that you do. Permissions of 755 will work in the same way – Scripts owned by your account user UID/GID will be able to write to your files, the same way that they can running under apache with 777 permissions.

You cannot manipulate the php.ini settings with .htaccess when running PHP as cgi/phpsuexec.

If you have php applications / scripts that have directories set to 777, (required to write to them under php/apache module), they would need to be changed. Also we would need to change ownerships of all files owned by user “nobody” to the user name UID/GID for your account.

htaccess

You cannot manipulate the php.ini settings with .htaccess when running PHP as cgi/phpsuexec. If you are using .htaccess with php_value entries within it, you would receive an internal server 500 error when attempting to access the scripts. This is because PHP is no longer running as an Apache module and Apache will not handle those directives any longer. All PHP values should be removed from your .htaccess files to avoid this issue. Placing a php.ini file in its place will solve this issue. (Please see below.)

Default settings, I need Zend Optimizer or php to run with different options than the servers default settings, can I do this?

The server default settings with php.ini may restrict certain applications, it is possible to modify the settings and how php will run on your account, on a per directory basis. If you have an application that requires for example :-

register_globals = On

Then by creating a file named php.ini within the directory that the script is located within, with the entry register_globals = On would allow you to run that script with your settings.

If you also require say Zend Optimizer to be installed for your application, you would have :-

register_globals = On
zend_optimizer.optimization_level=15
zend_extension=“/usr/local/Zend/lib/ZendOptimizer.so”

You may copy the other variables from the phpinfo page as they appear within it and modify the settings as required for your scripts.

Some important relevant default PHP values are as follows:-

register_globals = Off
register_argc_argv = Off
safe_mode = On
magic_quotes_gpc = Off

All other settings can be viewed from your server’s phpinfo.php page.

Quick trouble shooter. . . . . HELP my php script doesn’t work or I have an error message

  1. Check that the PHP script that you are attempting to execute has permissions of no more than 755 – 644 will work just fine normally, this is not something that will need to be changed in most cases.
  2. Check that the chmod permissions for the folder that the script resides in are set to a maximum of 755. This also includes folders that the script would need to have access to also.
  3. Check that the files are owned by you i.e. not owned by user ‘nobody’. Certain applications having been run under PHP as an Apache module, may have files owned by the Apache user – In that case, submit a helpdesk ticket for the file ownerships to be changed.
  4. Check that you do not have an .htaccess file with php_values within it. They will cause a 500 Internal server error, when attempting to execute the script. The php_values will need to be removed from your .htaccess file and a php.ini put in its place, containing the PHP directives as explained above.

    Source :
    http://codylindley.com/Misc/74/server-security-issues-phpsuexec-textpattern


  • 18 Users Found This Useful
Was this answer helpful?