Here is the problem that php application create a folder or file with www-data privilege. In general, it can be edit, remove or add new operation in this folder within this application. As I upgraded to 3.0.4.1, I find that the php application cannot remove the folder. How to solve this problem? Thank you very much.
I am already in FAST-CGI mode......and I need to run some cgi application outside the cgi-bin folder.....so I need to disable the suexec to run it. Any other solution? Or some alternative way to enable to run some cgi application outside the cgi-bin folder? BTW, Thank you.
Therea are 2 options: a) enable susxec and your scripts run under the web user and client group. b) disable suexec and the scripts run as www-data There is no third option, so you have to decide what you want.
Thank you very much. One more question please. How to enable CGI application can outside the cgi-bin folder? I don't understand why cannot run it outside the cgi-bin folder with susxec enabled? BTW, your answer is very useful.
Do you mean a cgi application with ending .cgi or .pl or do you talk about .php files? The most common problem are permissions and file ownership. You should make sure that the files and folders inside the "web" folder are owned by the web user and client group of this website. Then you might want to check if the security level is set to high under System > server config > web as thats the recommended level.
Thank you. Yes. It is a serious conflict for me. First, I need to run CGI applications with ending .cgi or .pl outside the cgi-bin folder so I disabled the SuEXEC in installation but I get the problem about php application cannot remove the folder because of www-data premission. That is the problem I need to solve. P.S. run in FAST-CGI mode and all files and folders inside the "web" folder owned by the web user and client group and Medium Security level Situation: Enable susxec-->CGI got 500 Internal Server Error, PHP run as web user and client group disable suexec-->CGI run fine, PHP run as www-data and happen cannot remove problem Can I set to low Security level to allow 777 to files with suexec? This is very a stressed problem for me. Please help..... Thank you very much.
error.log [Wed Dec 21 01:39:10 2011] [error] [client 192.168.1.1] suexec policy violation: see suexec log for more details, referer: [Wed Dec 21 01:39:10 2011] [error] [client 192.168.1.1] Premature end of script headers: action.cgi, referer: [Wed Dec 21 01:40:33 2011] [error] [client 192.168.1.1] suexec policy violation: see suexec log for more details, referer: [Wed Dec 21 01:40:33 2011] [error] [client 192.168.1.1] Premature end of script headers: action.cgi, referer: suexec.log [2011-12-21 01:39:04]: uid: (5004/web1) gid: (5005/client1) cmd: .php-fcgi-starter [2011-12-21 01:39:10]: uid: (5004/web1) gid: (5005/client1) cmd: action.cgi [2011-12-21 01:39:10]: directory is writable by others: (/var/www/clients/client1/web1/web/game/watlas) [2011-12-21 01:40:22]: uid: (5004/web1) gid: (5005/client1) cmd: .php-fcgi-starter [2011-12-21 01:40:33]: uid: (5004/web1) gid: (5005/client1) cmd: action.cgi [2011-12-21 01:40:33]: directory is writable by others: (/var/www/clients/client1/web1/web/game/watlas) Thank you very much.
Thank you. I only need to set to 755 then work fine in whether high security level or medium security level. And I would like to ask why happen this? Can I set to low security level? Thank you very much.
Maybe i have a third option for you. Put your CGI files on the cgi folder and created a symbolic link for it where the files previously was, it worked for me.
You created or uploaded the folder with wrong permissions. Permissions 755 that falko told you to use is the default for all files and folder created by ftp,as your folders had different permissions, they must have been changed afterwards.
It may be ispconfig security level is quiet high as I use another panel before, all the file set to chmod 777.
