The suPHP Apache module together with suPHP itself provides an easy way to run PHP scripts with different users on the same server. It provides security, because the PHP scripts are not run with the rights of the webserver's user. In addition to that you probably won't have to use PHP's "safe mode", which applies many restrictions on the scripts.
For example, if you have a Joomla installation it is not necessary to enable the unsecure ftp layer or give 777 permissions in directories to install components/modules. This suPHP RPM package is using paranoid mode so you can use suphp per-virtualhost and assign per-user permissions.
Note: suPHP should only be used if you are using no CGI scripts or if all CGI scripts are run using suExec.
For i386 the location is: ftp://ftp.pbone.net/mirror/ftp.freshrpms.net/pub/freshrpms/pub/dag/redhat/el5/en/i386/dag/RPMS/mod_suphp-0.7.0-1.el5.rf.i386.rpm
rpm -Uvh mod_suphp-0.7.0-1.el5.rf.x86_64.rpm
Do the following changes in the 2 suPHP configuration files:
In /etc/suphp.conf
Change loglevel=info to loglevel=warn #Otherwise it will flood the suphp log file Change umask=0077 to umask=0022 Change x-httpd-php=php:/usr/bin/php to x-httpd-php=php:/usr/bin/php-cgi
Change allow_file_group_writeable=false to allow_file_group_writeable=true
Optional: Change allow_directory_group_writeable=false to allow_directory_group_writeable=true In /etc/httpd/conf.d/suphp.conf
Comment out the following 2 lines:
AddHandler x-httpd-php .php
AddHandler x-httpd-php .php .php4 .php3 .phtml
so they will look like:
#AddHandler x-httpd-php .php
#AddHandler x-httpd-php .php .php4 .php3 .phtml
Uncomment: suPHP_AddHandler x-httpd-php # (Remove the hash mark from the beginning of the line)
In your httpd.conf you need to add 2 lines to the virtualhost you want to enable suphp: suPHP_Engine on
suPHP_UserGroup username group #This has to be a local user in the system who will be managing his docroot.
If you have a Joomla installation you have to chown (change ownersip) of the docroot to user:user and use the correct permissions:
chown -R user:user /path/to/joomladir cd /path/to/joomladir find . -type f -exec chmod 644 {} \; find . -type d -exec chmod 755 {} \;