Upgrade 3.97 and PHP Permissions

7 posts / 0 new
Last post
#1 Thu, 01/03/2013 - 04:26
Dim Git

Upgrade 3.97 and PHP Permissions

Hi everyone, hope you have all had a great holiday season.

Because things have been quite busy I have been putting off dealing with this but now the time has arrived.

As per others, during the update to 3.97 I have received some warnings. The one that is of concern at this stage is the one about "1 domains on your system are configured to allow PHP scripts to be run using mod_php, even when this execution mode is disabled".

I want to find out which virtual server is the culprit so that I can ensure that no problems exist if I fix this issue. Is there any way I can find out which VS is responsible?

Amongst other things, I have checked each VS using >Edit Virtual Server > Server Configuration > Website Options and the "PHP script execution mode" are all set to "FCGId (run as virtual server owner)".

Where else could I find which VS is the culprit.

CentOS Linux 5.8
Webmin version 1.600
Virtualmin version 3.97 Pro

Thanks for reading.

Thu, 01/03/2013 - 09:23
andreychek

Howdy,

I'm not entirely certain what it's looking for, but it may be looking for this particular line (which is what it will ultimately add):

php_admin_value engine Off

Even thoguh your Virtual Servers are configured to use FCGID, without that line, it's possible to get Apache to execute a file as mod_php, unless that line is added to the Apache config for each of your Virtual Servers.

-Eric

Mon, 01/14/2013 - 03:47 (Reply to #2)
Dim Git

Hi Eric,

Apologies for the delayed reply, busy/bad time.

You are, as always, absolutely correct.

It was the first domain added to the server, no idea why that should be different to the rest, it doesn't even have a site on it.

Take care, Tim

Mon, 01/14/2013 - 03:48
signet

Is there no way to find out what (or on which domain) the changes are made? This because if the changes break something, I quickly want to be able to fix the issues.

Thanks,

Justin.

Mon, 01/14/2013 - 08:56 (Reply to #4)
andreychek

Although there's no way to get a list -- in most cases, the changes are made to all domains.

-Eric

Tue, 01/15/2013 - 04:36 (Reply to #5)
signet

Alright, but I would like to get a summary of the changes that are made in every domain. Further, the customer received a notification about "Virtualmin has detected that 1 domains on your system are configured to allow PHP scripts to be run using mod_php, even when this execution mode is disabled. ". It is not to difficult to list the domain I presume?

Tue, 01/15/2013 - 09:25
andreychek

A summary of changes is --

It reviews your Apache config, and changes any references to "FollowSymlinks" to "SymLinksIfOwnerMatch".

It also changes the "AllowOverride" line to read:

AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch

It adds this to each Virtual Server that is not using mod_php:

php_admin_value engine Off

It'll also looks through your .htaccess files (with your permission), and changes "FollowSymlinks" to "SymLinksIfOwnerMatch".

Topic locked