Hi I’m glad you have realized the general problem with …

Thursday, 28th March 2024

Comment on Installing SuPHP on Debian Lenny 5.04 with Apache 2.2.9 by admin.

Hi I’m glad you have realized the general problem with fastcgi. With fastcgi it’s always tricky 🙂
About the umask, umask sets the default value for permissions of newly created files.
umask comes from from user file-creation mode mask (umask) is use to determine the file permission for newly created files.
Most linux distros nowdays has an umask set to 0022. Usually an umask of 0022 should be a good one for you. the umask of 0022 would set file attributes to new files equal to chmod’s 0644 (eg. 0022 is calculated by substracting 0666-022 = 0644, an umask of 0022 would also create your newly created directories under the main directory tree with permissions of 755. If you want to have a really restrictive umask you might set a value of 007. You can further experiment with umask and read about it. There is a plenty of documentation about umasks, just check out ‘man bash’, ‘help umask’ and ‘man chmod’. It’s all quite understandable explained in the mans.
I cannot get it about headers and mod_suphp.conf?

admin Also Commented

Installing SuPHP on Debian Lenny 5.04 with Apache 2.2.9
I’m glad you make it sorry, too bad magento is buggy. But you know, you never get guarantees with free software 🙂
Hope to be seeing you around.

Wish you best!
Georgi


Installing SuPHP on Debian Lenny 5.04 with Apache 2.2.9
Hi Maurica,
Check your permissions.
The “Internal Server Error” common appears in apache error log because of some kind of file or directory permission issues.
Check that your files are being owned by the user you’re trying to exec the scripts with. Check also that your directories are properly readable by the sued user as well as they have the “+x” flag for the same user. Try to simulate the apache sued scenario with a normal “su – youruser” and see what will happen.
This might help.

Another root of the internal server error problems might be because you have some kind of default .htaccess file for the whole webserver or some kind of .htaccess rules for the plesk maybe. If nothing works out try to stop temporary the plesk and see how it goes without it.

Hope some of my presumed tips will help you.

Best!
Georgi


Installing SuPHP on Debian Lenny 5.04 with Apache 2.2.9
If you want files owned by different users to execute with the respective user, and through this tighten security then you will definitely have advantage.

There is the moment that suphp is external module and it’s not that tested as the rest of apache modules.
ISo it all depends on your case 🙂


Recent Comments by admin

Install and configure rkhunter for improved security on a PCI DSS Linux / BSD servers with no access to Internet
       –rwo, –report-warnings-only
              This option causes only warning messages to be displayed. This can be useful when rkhunter is run via cron. Other options may
              be used to force other items of information to be displayed.

       –sk, –skip-keypress
              When  the  –check command option is used, after certain sections of tests, the user will be prompted to press the return key
              in order to continue. This option disables that feature, and rkhunter will run until all the tests have completed.

         


Install and configure rkhunter for improved security on a PCI DSS Linux / BSD servers with no access to Internet
As rkhunter check, can be pretty annoying and ask you to press keypresses multiple times and spit you a lot of unnecessery data a very good useful option arguments are:

–rwo and –sk

# rkhunter -c –rwo –sk
Warning: The SSH and rkhunter configuration options should be the same:
         SSH configuration option 'PermitRootLogin': yes
         Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no


Fix eth changing network interface names from new Linux naming scheme ens, eno, em1 to legacy eth0, eth1, eth2 on CentOS Linux

Sorry for really late reply.

perhaps you have to create it or rename the ifcfg-eno1 to ifcfg-eth1 or you have some old ifcfg-enp1s0f0 or ifcfg-eno still under /etc/sysconfig/network-scripts/ interfering


How to RPM update Hypervisors and Virtual Machines running Haproxy High Availability cluster on KVM, Virtuozzo without a downtime on RHEL / CentOS Linux
if you happen to be missing versionlock plugin and you need to get use of it

yum versionlock capabilities

You will have to install yum-utils package:

For example on CentOS 8 Linux, to enable the yum versionlock plugiun

yum install yum-utils.noarch


How to log every Linux executed command by every running system program to separte log via rsyslog for better server Security and audit trails

In case if by default log is not configured for snoopy,
these are default output locations on various Linux distributions:

Distribution Snoopy output location Notes
CentOS /var/log/secure  
Debian /var/log/auth.log  
Ubuntu /var/log/auth.log  
(others) /var/log/messages (potentially, could be elsewhere)

Share this on:

Comments are closed.