Security - mod_php with FTP vs SuPHP or SuExec

ethanlifka, 22nd February 2010, 01:36

I am trying to configure my site to be as secure as possible.

I do not want to set my upload folders to 777 so I have a few options.
Most recommend using SuPHP or SuExec.

A second option that I have not seen much discussion about is using php_ftp to upload files. This way uses the FTP account to upload files, and there is no need for SuPHP, which is slow, and no need for SuExec.

My concern with SuPHP or SuExec is that scripts can now write to any folders that are 755, so now all your folders are writable by the web user. Whereas the user nobody or apache cannot, and that seems to be more secure to me. Although I don't have any real reason why.

I have no concern for chrooting or open_basedir since there will be no other hosted accounts on the server, which is usually the main reason for SuPHP and SuExec. Please correct me if I am wrong.

1. Mod_php with php_ftp uploads
2. SuPHP or SuExec.

So in conclusion, I think that if I do not have any other hosted accounts, using mod_php while using php_ftp is more secure than using SuPHP or SuExec.

Is this correct?
Please specify why or why not.

My Setup
CentOS 5.4 32bit Perfect Setup.

Any thoughts would be appreciated.

till, 22nd February 2010, 11:18

If you run just one website on the server with just one client, it does not matter. As soon as you run 2 or more websites, suphp and suexec are more secure, as the web user has only access to its own web folders and every website is separated from each other.
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
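
An added example, not part of either post above: a small audit that lists which directories in a docroot a script could write to when PHP runs as the site owner (suPHP/suExec) versus as a separate web-server user (mod_php). The sample tree, its folder names and the web-server uid/gid are constructed for illustration, and the check uses plain Unix mode bits only (no ACLs, no root override).

```python
import os
import stat
import tempfile


def writable_by(st, uid, gids):
    """Unix mode-bit check for one uid (ignores ACLs and root's override)."""
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def writable_dirs(docroot, uid, gids):
    """Relative paths of directories under docroot whose write bit applies to uid."""
    found = []
    for path, _dirs, _files in os.walk(docroot):
        if writable_by(os.lstat(path), uid, gids):
            found.append(os.path.relpath(path, docroot))
    return sorted(found)


def compare_models(docroot, owner, owner_gids, web_uid, web_gids):
    """suPHP/suExec run scripts as the site owner; mod_php runs them as the web user."""
    return {
        "suphp_suexec": writable_dirs(docroot, owner, owner_gids),
        "mod_php": writable_dirs(docroot, web_uid, web_gids),
    }


def build_sample_tree():
    """Constructed sample docroot: everything 755 except a 777 uploads folder."""
    root = tempfile.mkdtemp(prefix="docroot-")
    os.chmod(root, 0o755)
    for name, mode in (("includes", 0o755), ("templates", 0o755), ("uploads", 0o777)):
        path = os.path.join(root, name)
        os.mkdir(path)
        os.chmod(path, mode)  # chmod explicitly so the umask does not interfere
    return root


if __name__ == "__main__":
    root = build_sample_tree()
    st = os.stat(root)
    # Hypothetical web-server identity: any uid/gid that is not the site owner's.
    report = compare_models(root, st.st_uid, {st.st_gid}, st.st_uid + 1, {st.st_gid + 1})
    for model, dirs in report.items():
        print(model, dirs)
```

On the sample tree the mod_php column contains only the 777 folder, while the suPHP/suExec column contains every directory, which is the trade-off the question describes.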


mod_php, php security, suexec, suphp