|
|
JAVA, JSP, SERVLETS, TOMCAT, SERVLETS MANAGER,
Private JVM (Java Virtual Machine),
Private Tomcat Server
Alden Hosting offers private JVM (Java Virtual Machine), Java Server Pages (JSP), Servlets, and Servlets Manager with our Web Hosting Plans
WEB 4 PLAN and
WEB 5 PLAN ,
WEB 6 PLAN .
At Alden Hosting we eat and breathe Java! We are the industry leader in providing
affordable, quality and efficient Java web hosting in the shared hosting marketplace.
All our sites run on our Java hosing platform configured for
optimum performance using Java, Tomcat, MySQL, Apache and web
application frameworks such as Struts, Hibernate, Cocoon, Ant, etc.
We offer only one type of Java hosting - Private Tomcat. Hosting accounts on the Private
Tomcat environment get their very own Tomcat server. You can start and re-start
your entire Tomcat server yourself.
Using PHPsuexec with PHP V5
Why PHPSUEXEC and the security hole of PHP
On most Apache servers, PHP runs as an Apache Module. As such, it runs directly in the user
apache, but doesn't require the execute flag. This means that in order to execute a PHP
file, it simply needs to be world readable. The problem is that this allows every other
users on the server to read your PHP files!
Allowing other users to read your HTML files is not a problem, since they can be displayed
in Internet Explorer. However, PHP files are not readable, they are parsed. Many scripts
use a PHP file to store a database username and password. This means that on another
server every client could read your PHP files, retrieve your password and access your databases.
Alden Hosting LLC has close this hole by installing an Apache module called PHPsuexec,
which executes PHP scripts under your username. Instead of using everyone's permissions it
uses the owner's permissions. Thus you can change the permissions of your PHP scripts to
0700 or 0500 and still read and execute them. However, these scripts will no longer be
accessible to any other users - PHPsuexec will refuse to execute a script if it is
world-writable to protect you from someone abusing one of your scripts. All Alden Hosting
servers are running phpsuexec.
What is the difference?
Most sites will not be affected with the change, running php as cgi with suexec. Phpsuexec
works in much the same way that cgi (perl scripts etc) with suexec does, all applications
being run under your account user name UID/GID, rather than in PHP's case as an apache
module, the user 'apache'.
This simply means that rules that apply to .cgi + .pl files on your current server, apply to
php files also. The maximum permissions permitted on directories and PHP files is 755.
Failing to have permissions set to a maximum of 755 on PHP files and their installation paths,
will result in a 500 internal server error, when attempting to execute them.
#!/usr/local/bin/php
Using PHPsuexec, the first line of each script "#!/usr/local/bin/php -q" is NOT required.
File Extension for PHP V5 programs
To automatically use PHP V5 with your PHP applications, just end the filename with '.php.' such as index.php.
File & Folder Permissions
The minimum required permission is 500,
but if you need to write to that file, you need to also enable the owner-write permission
0700. It is recommended that all your PHP files have chmod permission 0500 or 0700.
The group and everyone permissions can be left to 0.
PHPsuexec also validates the directories in which PHP files are located. A PHP file
cannot be executed in a directory that is group-writable or world-writable.
However, in order to access a directory, it must be world-executable, which is safe to
do. So folders/directories containing PHP files should have permissions 0755.
Read/Write/Execute for the Owner and Read/Execute for Group and Everyone.
Folder Permissions for your DocRoot "/html"
If you place your PHP applications directly under your /html folder, (such as index.php) you
MUST change the directory permissions of /html. Our default directory permissions for your
"/html" folder is "775" which allows your GROUP to Read/Write/Execute. This MUST be changed
to "755" (Group READ/NO-WRITE/Execute)
777 - Do I need directories set to this? My install script says that I do.
No, you do not need to have directories or files set to 777, even if your installation
documents tell you that you do. Permissions of 700 will work in the same way - Scripts
owned by your account user UID/GID will be able to write to your files, the same way that
they can running under apache with 777 permissions.
You cannot manipulate the php.ini settings with .htaccess when running PHP as cgi/phpsuexec.
If you have php applications / scripts that have directories set to 777, (required to
write to them under php/apache module), they would need to be changed. Also we would need
to change ownerships of all files owned by user 'apache' to the user name UID/GID for
your account.
htaccess
You cannot manipulate the php.ini settings with .htaccess when running PHP as cgi/phpsuexec.
If you are using .htaccess with php_value entries within it, you would receive an internal
server 500 error when attempting to access the scripts. This is because PHP is no longer
running as an Apache module and Apache will not handle those directives any longer. All
PHP values should be removed from your .htaccess files to avoid this issue.
Quick trouble shooter. . . . . HELP my php script doesn't work or I have an error message
1. Check that the PHP script that you are attempting to execute has permissions of no
more than 755. 500 will work just fine normally, this is not something that
will need to be changed in most cases.
2. Check that the chmod permissions for the folder that the script resides in are set
to a maximum of 755. This also includes folders that the script would need to have access to also.
3. Check that the files are owned by you i.e. not owned by user 'apache'. Certain
applications having been run under PHP as an Apache module, may have files owned by the
Apache user - In that case, submit a helpdesk ticket for the file ownerships to be changed.
4. Check that you do not have an .htaccess file with php_values within it. They will
cause a 500 Internal server error, when attempting to execute the script.
JAVA, JSP, SERVLETS, TOMCAT, SERVLETS MANAGER,
Private JVM (Java Virtual Machine),
Private Tomcat Server
Alden Hosting offers private JVM (Java Virtual Machine), Java Server Pages (JSP), Servlets, and Servlets Manager with our Web Hosting Plans
WEB 4 PLAN and
WEB 5 PLAN ,
WEB 6 PLAN .
At Alden Hosting we eat and breathe Java! We are the industry leader in providing
affordable, quality and efficient Java web hosting in the shared hosting marketplace.
All our sites run on our Java hosing platform configured for
optimum performance using Java, Tomcat, MySQL, Apache and web
application frameworks such as Struts, Hibernate, Cocoon, Ant, etc.
We offer only one type of Java hosting - Private Tomcat. Hosting accounts on the Private
Tomcat environment get their very own Tomcat server. You can start and re-start
your entire Tomcat server yourself.
|
