suPHP + Plesk + apache vhosts

I installed suPHP on a plesk box, works great for all the client vhost websites, all their PHP scripts run with their respective user account privellages.

However, suPHP was enabled for every PHP script which ran under apache. This caused a few issues especially for the webmail php scripts, which reside in /usr/share/psa-horde/

When I tried to access webmail, the browser was giving me back an Internal Server Error and I was seeing these in the log files:

/var/log/suphp/suphp.log
[warn] UID of script "/usr/share/psa-horde/index.php" is smaller than min_uid
[warn] Script "/usr/share/psa-horde/index.php" resolving to 
"/usr/share/psa-horde/index.php" not within configured docroot
/var/log/apache2/error_log
[error] [client X.X.X.X] SoftException in Application.cpp:199: Script "/usr/share/psa-horde/index.php" 
resolving to "/usr/share/psa-horde/index.php" not within configured docroot

If you look in the suphp config file /etc/suphp/suphp.conf you will see that the docroot is /var/www/, any scripts outside this location will not be executed. I played around a bit with permissions and config files, in the end this is the solution I came up with :

Step 1: Edit /etc/apache2/mods-enabled/suphp.conf
Comment out everything, this will prevent suPHP from affecting every php script on your site.

<IfModule mod_suphp.c>
#       AddHandler x-httpd-php .php .php3 .php4 .php5 .phtml
#       suPHP_AddHandler x-httpd-php
#       suPHP_Engine on
# # Use a specific php config file (a dir which contains a php.ini file)
#       suPHP_ConfigPath /etc/php4/cgi/suphp/
# # Tells mod_suphp NOT to handle requests with the type <mime-type>.
#       suPHP_RemoveHandler <mime-type>
</IfModule>

Step 2: Make a new file:  /etc/apache2/conf.d/zzz_su_php.conf
Enable suPHP only for your plesk vhosts.

Put this in the file:

<Directory "/var/www/vhosts">
        <IfModule mod_suphp.c>
               AddHandler x-httpd-php .php .php3 .php4 .php5 .phtml
               suPHP_AddHandler x-httpd-php
               suPHP_Engine on
        </IfModule>
</Directory>

Now suPHP will only affect your client websites running under /var/www/vhosts, and not your other global webmail etc.. scripts.

Hope it helps someone.

Dave

Comments
  1. Gravatar

    WiReDWolF

    July 7th, 2009

    Reply

    Ignore my unfinished site - it'll probably remain that way forever.

    With Plesk 9.x on Debian 4.x I found that I also had to follow some further instructions to make this work for Horde (substitude with Atmail):

    Add to the httpd.conf file:
    <quote>
    <Directory /usr/share/psa-horde>
    php_admin_flag engine on
    suPHP_Engine off
    AddHandler php5-script .php
    AddType text/html .php
    </Directory>
    </quote>

    Without it apache2 still attempts to parse horde through the suPHP engine regardless of these above settings.

  2. Gravatar

    Valics Lehel

    August 10th, 2009

    Reply

    You can check my tutorial here, a lot of people fixed their problem with suphp

    http://www.grafxsoftware.com/faq.php/HOW-TO-Setup-a-PLESK-Dedicated-Server/1/4/

  3. Gravatar

    Kalisto

    September 8th, 2009

    Reply

    I use this in my server and works.
    Thanks a lots from Argentina.

Leave a Comment

Yes, send me an email when a new comment is posted.

The avatars shown next to comments are Gravatars. Click here to get a Gravatar account for free and any other site that supports it will show your avatar too!

Client Database

PHP Newsletter System

Friends

Gold Coast
Website Design
CRM & ERP Development
Cheap Websites
Simple PHP Shopping Cart
 Hayley Crook
Gold Coast Linux
Webitor CMS Resellers
Band Websites
Wordpress Design
Gold Coast Music Network and Gold Coast Gig Guide

@dtbaker