Dear All, I have setup litespeed enterprise to replace cpanel apache (using suphp at the past). With litespeed I choose to use old cpanel httpd.conf and then turning on PHP suEXEC through litespeed web interface on WHM. So that must be LSAPI + PHP suEXEC (secured), isn't that right? But strangely, when I test to chmod 777 index.php or even chown index.php to nobody:nobody, that index.php is still can access from browser. It didn't throw any error 500 as it were on suphp. That means : users are still able to sneaking around and penetrated into another user folders through php shell (c99)? So my main question is : is that PHP suEXEC with LSAPI = secure? Or perhaps I have missed something on my setup? Any helps regarding to this question will be very appreciated.