Search results

For right now we are not running suexec. Under Apache the load was just too much running php as a cgi. It's something we're definitely going to look into but it's a big undertaking to switch.

Hello All, We have a trial of LSWS Enterprise running on a not too busy shared hosting box. There are about 200 domains on the server. For the most part the sites on the server are PHP/MySQL driven. Things went pretty well today but we did have a couple of load spikes and at one point all...

I believe I solved my own issue. Buried in the error log was: 2007-08-04 23:57:23.876 [NOTICE] [config:server:epsr:phpLsapi]'Process Limit' probably is too low, adjust the limit to: 220. I bumped the soft/hard limit from 200 to 220 and then things worked much better. Frank

We have LSWS running (testing on an alternate port) on a cPanel server. cPanel puts the following lines in httpd.conf: [code] <IfModule mod_php4.c> php_admin_value open_basedir "/home/xxx:/usr/lib/php:/usr/local/lib/php:/tmp" </IfModule> [/code/ After we switch to LSWS I put up a...

Hello, So we know which formats of mod_security rules will work, what version of mod_security does LSWS emulate? TIA, Frank

OK, we've been testing LSWS on a VPS and everything has been working great. Tonight we're going to install on our first production box. I've read through the cPanel install wiki thread but I'm a bit confused on one point. It says when you do the initial install (the shell script install) it...

I do not believe this to be true. Apache/suexec runs it with the uid/gid that is given in httpd.conf with the User/Group directives. If the User/Group in the config don't match the user/group on the file it will never even run the program. Frank

Well I think this one is necessary :D First ignore those other uid/gid's. I'm 99% sure it means that it can't be one of those (they are nobody and root). The closest thing I can equate this functionality to is php openbasedir. We simply could not rely on clients to keep directory permissions...

Sorry, not trying to stir up trouble, but I'm trying to evaluate LSWS as a "drop in" replacement for Apache on cPanel. Here is the line from the suexec_log: [2007-08-02 13:13:10]: error: target uid/gid (32003/32005) mismatch with directory (32003/32005) or program (99/99) or trusted user...

Hmm, Sorry to keep taking right turns here, but either I'm not understanding or suexec simply works "differenty" under LSWS. In a default cPanel install let's say we have the following: /home/user-1/ /home/user-1/public_html /home/user-2/ /home/user-2/public_html under /home/user-1...

Well LSWS mimics Apache there are checks in place with suexec to insure that the uid/gid of a cgi script matches the uid/gid given in the vhost container. Frank

Yes, the process is running at the proper id (the site owner). How about the uid/gid checks? TIA, Frank

Can you explain this a bit more? I ran a quick test and you are correct that Apache suexec can read outside the document root (something I did not think it could do). suexec, however, enforces that the uid/gid match or it won't run the script. Is this possible to do with LSWS when it's...

Yep, it's there, but does not seem to be working: <VirtualHost x.x.x.x> ServerAlias www.xx.xx ServerAdmin webmaster@xx.xx DocumentRoot /home/xx/public_html User xxx Group xxx ServerName xx.xx <IfModule mod_suphp.c> suPHP_UserGroup xxx xxx </IfModule> <IfModule mod_php4.c> php_admin_value...

Hello, How do we enable/configure cgi (i.e. perl scripts) suexec when we're using a cPanel / Apache httpd.conf setup? TIA, Frank

Thanks much. That fixed the issue. Frank

Where/how do I download 3.2.1? The download pages looks like it only has 3.2. TIA, Frank

Hello, Yes, it's in httpd.conf. It's configured in the "default" cPanel config (if you use mod_security installed via cPanel). AddModule mod_security.c Include "/usr/local/apache/conf/modsec.conf" and then /usr/local/apache/conf/modsec.conf has: <IfModule mod_security.c> SecFilterEngine...

OK, we're running an Enterprise version of LSWS on a VPS with cPanel. We have mod_security setup. For now we have just 1 rule for testing: SecFilter "testit" .shtml pages are being proxied to Apache. If we browse http://www.mydomain.com/blah.shtml?testit then Apache blocks the request...

OK, not sure what I did differently the 2nd time but now it's happy. As a side note / question to get everything "happy" I had to delete the default listener. Can we also delete the default Virtual Hosts or anything else? We get a few warnings on startup. Frank