404 errors for existing files
Hi
I recently updated apache using easyapache and somehow, it turned on a feature that is giving me problems.
basically, when PHP uploads or creates a file, the file owner is 'nobody'. Before, my visitors can browse files/pictures owned by 'nobody'
After my apache update, i cannot access files owned by 'nobody' - I get 404 error. If I chown to the cpanel user, the file can then be accessed. Not even chmod 777 will allow viewing of the file unless the owner is the cpanel user.
Can you point me to what setting in easyapache affects this? is it mod_security??
thanks
-
Hi, This is likely due to your PHP handler in use. You may find your PHP handler configuration at WHM > Service Configuration > Configure PHP and suEXEC. I suspect you are using DSO without mod_ruid2. If this is the case, I would recommend using DSO with mod_ruid2, as this provides the same security benefits as suPHP, but also allows for opcode caching, while having less overhead. However, this is not compatible with LiteSpeed webserver, so you should select suPHP if LiteSpeed is installed. You may use EasyApache to enable mod_ruid2. You may use WHM > Configure PHP and suEXEC to set DSO or suPHP. Once you have ensured that either DSO with mod_ruid2 or suPHP is in use, you will need to ensure all files/directories have the correct permissions/ownerships. The script below is excellent for ensuring your cPanel accounts recursively have the correct permissions/ownerships for suPHP or DSO with mod_ruid2: boomshadow.net/tech/fixes/fixperms-script/ Auto fix for file permissions and ownership Note, I have assumed your configuration in this response. Please ensure these assumptions are correct should you follow the advice above. You may post your configuration should you have doubts. Thanks, 0 -
thanks for your reply. I just opened a ticket with cpanel and will share the result for anyone with a similar problem: Yes, I am on DSO, but the problem was i had a feature enabled in easyapache which caused my problems: Symlink Protection patch disable that and problem solved. thanks! 0 -
Hello, Note that it's typically a better idea to use suPHP or Mod_Ruid2 to avoid nobody file ownership. Thank you. 0
Please sign in to leave a comment.
Comments
3 comments