Configuring CloudLinux software and PHP Handlers on a server without control panel

Due to the fact that from time to time our Helpdesk meets requests related with some problems with CageFS, PHP Selector, Apache server etc., we present this article to describe how to configure these components using suPHP and FastCGI handlers on non-panel systems.

 

This is a practical manual of setting up FastCGI and suPHP in conjunction with CageFS + PHP Selector on a server with no panel installed.

 

It is assumed that our system has been converted and loaded with CloudLinux kernel. Since PHP Selector installation requires CageFS and LVE Manager installed in the system, let’s start with CageFS installation:

 

CageFS – is a virtual file system that includes a set of tools for each user, located in an isolated environment (cell). Each account has its own fully functional CageFS, with all the necessary system files and tools as if it is working in a real system.

 

To install CageFS run the command:

LVE Manager – is a plugin for most control panels, it is designed to enable setting limits for users and packages, as well as to control PHP Selector work. It must be installed obligatorily, to enable PHP Selector functions control via server console.

 

To install LVE Manager run the command:

CageFS setup

 

To create CageFS file system run the command:

 

CageFS provides two modes of operation:

  1. Enable all, except disabled.
  2. Disable all, except enabled.

 

Select “Enable All” mode, then all current and new users will be added automatically to CageFS:

 

Add a user (if it does not exist in the system), to configure VirtualHost for:

 

Install native PHP:

 

Install PHP Selector:

 

Open configuration file httpd.conf and make the following changes:

 

In the end of the configuration file add a unit in charge of the neeed web-site, and before this unit, add another one which will handle requests to all the typos and non-existing addresses:

 

 

NOTE! You must uncomment NameVirtualHost*:80 option, otherwise only the first web-site in the list will work:

 

Create a directory to locate our web-site, create cgi-bin subdirectory in its user’s home directory:

 

 

Create phpinfo.php file to check your web-site settings:

 

Create php-cgi file in cgi-bin folder with the following content:

 

With content:

 

Give executable access:

Assign ownership for user directory stat:

Do not forget to add the rule to iptables for port 80:

-A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT

 

 

If you have the following error in Apache log:

# Tail -f /home/stat/public_html/logs/error.log

(13) Permission denied: access to / denied

(13) Permission denied: access to /favicon.ico denied

 

Then, open configuration file /etc/httpd/conf/httpd.conf and change AllowOverride option value from None to All:

Then restart httpd:

 

If you see the following error in log file:

# tail -f /home/stat/public_html/logs/error.log

(13)Permission denied: /home/stat/.htaccess pcfg_openfile: unable to check htaccess file,

(13)Permission denied: /home/stat/.htaccess pcfg_openfile: unable to check htaccess file,

 

Give access to user directory (700 by default)

 

If you see Internal Server Error on phpinfo page and you see the following errors in the log file:

Premature end of script headers: php.fcgi

suexec policy violation: see suexec log for more details

Premature end of script headers: php.fcgi

 

This problem stems from the fact that suexec refers to the directory /var/www by default:

-D AP_DOC_ROOT=”/var/www”

-D AP_GID_MIN=100

-D AP_HTTPD_USER=”apache”

-D AP_LOG_EXEC=”/var/log/httpd/suexec.log”

-D AP_SAFE_PATH=”/usr/local/bin:/usr/bin:/bin”

-D AP_UID_MIN=500

-D AP_USERDIR_SUFFIX=”public_html”

-D AP_SAFE_DIRECTORY=”/usr/local/safe-bin”

 

Since we locate users’ sites in /home, we need to rebuild suexec.

Perform the following steps:

Download rpm package:

 

Install additional programs which we will need to build the package:

 

Install Suexec:

 

 

Method 2 (package rebuild from tar.gz archive).

 

Change value for parameter:

#define AP_DOC_ROOT DEFAULT_EXP_HTDOCSDIR –>> #define AP_DOC_ROOT “/home”

#define AP_HTTPD_USER “www” –>> #define AP_HTTPD_USER “apache”

#define AP_UID_MIN 100 –>> #define AP_UID_MIN 500

#define AP_LOG_EXEC DEFAULT_EXP_LOGFILEDIR “/suexec_log” /* Need me? */ –>> #define AP_LOG_EXEC “/var/log/httpd/suexec.log” /*Need me?*/

 

 

Finally, we can check phpinfo page to make sure everything is configured fine:

http://stat.local/phpinfo.php

 

To change PHP version from console, use the command:

 

Installation and setup of a server using suPHP

 

To switch on suPHP, you should install mod_suphp package on the server from CloudLinux repository, as it already contains all the necessary patches:

After installation check /etc/suphp.conf file for correct matching the lines:

4

 

 

 

If something is wrong then present them to a form as is in the figure, all the rest settings remain unchanged:

 

 

Open file /etc/httpd/conf.d/suphp.conf and comment in it all the lines except:

LoadModule suphp_module modules/mod_suphp.so

Open our file /etc/httpd/conf/httpd.conf  and present VirtualHost to a form:

 

 

After that save the settings and restart Apache:

The installation is finished.

 

To check suPHP use the following script:

# nano w.php

 

 

At the end update :

If you get 500 Internal Server Error addressing php page and you see the following error in site log:

Premature end of script headers: w.php

Then check access type: directories access type should be 755, files access type should be 644.

Make sure you are in user’s folder and run the following commands:

 

 

Patching Apache with suexec not from CLN repository

 

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *