
I have a CentOS 6 64-bit server, Apache/2.2.15, PHP 5.3.3, one IP and four name-based virtual hosts, and SSL/SNI to provide https in addition to http. All those hosts are assigned to different Linux users. I have root access to the server, all those users are my own, and other people have no shell access to the server. The server uses suPHP and SuExec to run CGI processes as those users instead of the apache user.

Now I realized that suPHP is very slow when compared to mod_php. Initially I ended up with suPHP because previously all 4 of those accounts were on different shared servers, and it was rather easy to transfer them to one server and maintain those Linux users.

But because the server is my own, I think that I have no need for suPHP and I'm considering moving to use only DSO (mod_php).

I'm considering the following workflow:
1) Changing the Apache user to one of my Linux users, e.g. user1.
2) Changing ownership of the other users' files to user1. Every user has their own document root (public_html) in /home/user1, /home/user2 etc.
3) Because some processes consume too many resources and need to be run from the command line, all users have distinct passwordless access to this server (shell_exec("ssh user1@localhost 'someprogram'"), shell_exec("ssh user2@localhost 'someprogram'") etc). After this transfer only the Apache user (i.e. user1) needs this kind of ssh access to localhost, so the other ssh things can be removed. Tip! This is, by the way, a nice way to override PHP resource restrictions on a shared (or any other) server. Usually you ssh to a remote server, but why not also to the local server. Especially useful when mogrifying large images. This technique is based on the fact that via ssh the program is run as a shell program (versus CGI), and the shell does not have as many memory and execution time restrictions.

After these steps the Apache user (i.e. user1) will have rwx access to /home and everything below it.

Is this workflow OK? I assume that there are no security risks (outside or inside) because all users and sites on the server are my own, and I cannot find any reason why DSO (mod_php) in this case would be more insecure than suPHP.

This transfer requires changing tens of lines of code, but I assume that the speedup is so huge that the process is meaningful.

1 Answer


Perhaps consider moving to PHP FastCGI instead; you get all the speed benefits of mod-php5, but you can keep the user privilege separation.

http://php-fpm.org/

Trent Lloyd
  • I have also thought about FastCGI, but I assume (maybe I'm wrong, but I'm not sure) that one Linux user (which is also the Apache user) is easier to maintain. And since sometimes one site has to access some file in another site's folders (which is not so simple in suPHP), I for now prefer mod_php. – Timo Kähkönen Mar 11 '13 at 08:14
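
The per-user separation the answer refers to, sketched as PHP-FPM pool definitions (an added example, not part of the original answer or of any configuration shown on this page). The file location, socket paths, the `apache` group, the per-user group names, the `shared` directory and the limit values are assumptions; `user1`, `user2` and the `public_html` document roots come from the question.

```ini
; Assumed location: /etc/php-fpm.d/sites.conf (one pool per site owner).
; Each pool's workers run as that site's Linux user, so a compromised
; script on one site cannot write to another site's files.

[user1]
user = user1
group = user1
; Unix socket that only the web server's group may connect to
; (assumed: Apache runs with group "apache").
listen = /var/run/php-fpm-user1.sock
listen.owner = user1
listen.group = apache
listen.mode = 0660
pm = static
pm.max_children = 4
; Confine PHP file access to this site's tree plus a temp directory.
php_admin_value[open_basedir] = /home/user1/public_html:/tmp
; Per-site limits (assumed values): the heavy image-processing site can
; get more memory and time here instead of going through ssh to localhost.
php_admin_value[memory_limit] = 512M
request_terminate_timeout = 300s

[user2]
user = user2
group = user2
listen = /var/run/php-fpm-user2.sock
listen.owner = user2
listen.group = apache
listen.mode = 0660
pm = static
pm.max_children = 2
; Cross-site reads are granted explicitly and narrowly: user2's PHP may
; read one named directory of user1's site (hypothetical path), which
; must also be readable by user2 at the filesystem level.
php_admin_value[open_basedir] = /home/user2/public_html:/home/user1/public_html/shared:/tmp
php_admin_value[memory_limit] = 128M
request_terminate_timeout = 60s
```

Each virtual host is then pointed at its own pool's socket through whichever FastCGI module the Apache build provides.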