Back to Tools and Features


This article contains information about PHPSUEXEC.

Differences between PHPSUEXEC and "regular PHP":

When using the common PHP installation on a webserver, PHP runs as the user nobody and it doesn't require the execute flag to be enabled. The problem with this process is that if mod_openbasedir is not installed, every user will be able to read your PHP files because everyone is virtually sharing the same username (nobody). PHP Files are not meant to be read but parsed, and that is where the problem resides. PHP Files have to be parsed, otherwise everyone who can read your PHP file will see settings that you would probably want to keep private, such as your MySQL username and password. PHPSUEXEC fixes all this because it requires PHP to be run as the file owner's username. (for example: Andre) This is not everything it fixes though. PHPSUEXEC is also here to fix file ownership problems. This has been a common issue on a few Content Management Systems such as Joomla and also on the popular blog software: WordPress. It also adds security to your files as you can use permissions such as 600 or 700 in your files and your visitors will still be able to view them (parsed) in their browsers. PHPSUEXEC will also refuse to serve any pages that are at security risk, for example with 777 as permissions. (will generate an Internal Server Error)

Related Articles

How To Create And Download A Backup
How To Delete Your Content
Can I Add My Own CGI Scripts
Do I Use Localhost or RemoteMYSQLhost For A MYSQL connection
How To Backup My Site

Can’t Find what you need?

No worries, Our experts are here to help.