suPHP is an Apache module that let’s you handle PHP requests in a secure and fast way. It’s not as fast as DSO module, however suPHP provides much better security by limit users to use restricted file and directory permissions, and also to run PHP scripts as the real system user, and not as nobody (as it happens on DSO).
Using suPHP will enchance your Server Security, you will reduce the possibilities of hacking and malware/virus infections. The only bad thing if we compare it with DSO is the fact that suPHP consumes a little bit more system resources, but if you have more than 4GB of RAM and good CPU probably you won’t notice any issues.
3 Steps to migrate from DSO to suPHP
- Verify suPHP is compiled into your Apache installation
Login to your WHM then click on: Service Configuration » Configure PHP and suEXEC
Click on the drop down close to “PHP 5 Handler”, if you see suPHP, then it’s compiled. Select it from the list and save your changes.
If you don’t see suPHP there, login as root via shell and recompile Apache with suPHP support:
/scripts/easyapache
2. Correct file/directory permissions and set the correct owner of the files
Login into your linux box as root, and type:
cd /var/cpanel/users
for i in *; do find /home/$i/public_html -type f -exec chmod 644 -v {} \;; done
for i in *; do find /home/$i/public_html -type d -exec chmod 755 -v {} \;; done
for i in *; do chown $i.$i /home/$i/public_html -R -v; done
The first two “for” loops, wil change files to 644 and directories to 755. The last line ensures you are using the right owner for all your files.
3. Verify your sites are working properly.
4. Important: remember that on suPHP you can’t run scripts or directories with 777, that will cause Internal server errors.
That’s it, now all your files and directories run with secure permissions, and your PHP scripts run as the real system user they belong to. Migration from DSO to suPHP is over =)