Xtreme Servers and USA1Hosting
We offer PHP and cgi/perl scripting in
conjunction MySQL. This server runs all scripts using SUexec and SUphp
What does this
mean to you?
more secure script configuration? YES!
What this means is that your scripts run under YOUR permissions and not
that of the webserver. This does a couple things.
allows you to set your permissions on files and directories to be more
secure that *normal* hosting configurations.
protects your website from insecure scripts that another customer may
have installed in their account. Translation: If THEIR scripts are
insecure, only THEIR website is at risk. Please take care to ensure
your scripts are safe and secure.
Also, required file and directory permissions are different in this
environment. You can never use "777" as a permission level on any file
or directory or your script will fail to run.
Permissions should be set as follows:
Perl/cgi files... 755
files and directories writable by Perl should be 755
PHP scripts can be the same as your html files-- 644...writable files
and directories should be set to 755
NOTE: If your script installation instructions say "chmod to 777" Don't do it.
Your script will not run. Use 755 instead and it will work fine and be
more secure! "777" says allow ANYONE to write to that directory or
file...wouldn't you rather restrict it to you and your scripts?
SUexec and SUphp work.
cgi/pl files must be in the cgi-bin directory in your account. All perl
files go there. They can be named either .pl or .cgi and will work the
same either way.
PHP files can be anywhere...
Base Directory restrictions are in effect for all scripts--in other
words your scripts can only read/write in your account and nowhere else
except to be able to read libraries in the typical predefined paths on
the server that are required for the scripts to run.
If you are on a "webby" or other function limited access device, let me
know and I can install an online file manager and/or a web based ftp
you to use to work in your account.
*NOTE: Beware of using "canned" scripts especially the more popular
scripts which have been used and abused for years on the internet! If
you have any questions about the security of a script, please ask!