Installing suPHP on Centos 5

suPHP is a tool that allows PHP scripts to be executed with the permissions of their owners. By not running PHP script using web server’s user rights, suPHP increase the server security.

First install httpd-devel and compiler tools:

Download suPHP source code and extract it

Now we compile suPHP

Next create suphp.conf to configure Apache so it will call suPHP for interpreting PHP scripts

Add this configuration:

Save the file and the next step is to disable mod_php configuration as we are now using suPHP

After we finished with Apache configuration, next we create suphp.conf file which contain suPHP configuration

and copy this to the new file:

After Apache and suPHP is configured, we need to add suPHP_UserGroup option on each virtual hosting we hosted on the server. For example, the domain.com virtual host would look like:

“user” should be replaced with the real username on your server who own the PHP scripts. Make sure all file owned by the “user” username otherwise you’ll get 500 error code (Internal Server Error).

Now let’s test the configuration

if everything is OK, restart the Apache server

8 thoughts on “Installing suPHP on Centos 5”

  1. thank you so much for the guide to install suPHP i followed it bu i faced a problem and that is the 500 error code (Internal Server Error) also when i run

    service httpd configtest

    i get this

    ] [warn] NameVirtualHost XXX.XXX.XX.XXX:80 has no VirtualHosts

    my main httpd.conf doesn’t have the virtualhost for the domains

    i have the virtualhost in turbopanel.conf as i use Simple Control Panel

    so i edited the turbopanel.conf

    and I add

    suPHP_UserGroup user user

    and changed the user with the real username on the server for each domain and i still get the same warn

    ] [warn] NameVirtualHost XXX.XXX.XX.XXX:80 has no VirtualHosts

    and also the 500 error for everydomain

    I couldn’t find a way to slove it cuz i’m kindah a noob XD so i reverted this cmd

    mv /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php.conf.disabled

    to get the php working again till someone can help me out

    any help plz :)

    1. does the PHP files have correct ownership? after using suphp all php file should owned by respective user and not apache or nobody user.

      do this command to see the ownership of your file: ‘ls -l’ (without quotes of course)

  2. LoadModule suphp_module modules/mod_suphp.so
    suPHP_Engine on
    AddType application/x-httpd-php .php

    suPHP_AddHandler application/x-httpd-php

    Save the file (?***Pls kindly advise how to save the file?, thanks!***)

  3. After Apache and suPHP is configured, we need to add suPHP_UserGroup option on each virtual hosting we hosted on the server.

    how to add suPHP_UserGroup??

  4. Hi,

    On the last step I get this error: ‘suPHP_UserGroup’, perhaps misspelled or defined by a module not included in the server configuration

    Any idea?

    1. have you add the configuration:

      LoadModule suphp_module modules/mod_suphp.so
      suPHP_Engine on
      AddType application/x-httpd-php .php

      suPHP_AddHandler application/x-httpd-php

      and make sure the suPHP_UserGroup user and group exist?

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">