Hi,
I'm looking for advice from other server administrators on suphp.
I have a new client who is setting up a site with a CMS system. He mentioned he is using folders with file permissions 777. I understand that these are insecure and should never be used; however, WordPress, Joomla etc. need 777 to work. This client moved to us because he couldn't get his site to work on the previous host. I suspect the previous host had suphp or something set up.
I have been reading up on suphp and have learnt that web hosts like myself offering shared hosting should be using suphp, otherwise hackers can run scripts and access other sites on the server.
Currently we have Apache compiled with suexec etc.
Even the firewall (check server security) advises using suphp. If I do this, what will happen to my new client's website and others who use WordPress etc.? I've read that they have to make modifications to the php.ini file.
Advice from you guys on this issue would be appreciated as I will be buying a dedicated server next week and if suphp is what I should have to be secure, then I need to do that.
I also have a question on RAID. I've experienced a few shared servers which have suffered downtime because drives failed. These servers had RAID arrays, and you replaced the drives etc., then synced the data and booted the servers back up. However, during this time the servers were down, sometimes for 2-3 hours.
Someone mentioned to me that, with the hardware, when a disk fails and gets replaced, the server has to be rebooted and then you go into the BIOS of the RAID controller during boot-up and tell the controller to start the rebuild to the new disk, hence why you get downtime.
I thought with RAID that didn't happen and the failed drive could be replaced and resynced without downtime. Why was this not done on your shared servers? It would be great to understand this because, being a shared hosting provider myself, I was considering having RAID 1 in my dedicated server.
All advice very much appreciated!