December 5, 201015 yr The user frendly interface makes Froxler to a very interesting project. I installed it to setup a shared-hosting server. Since I cannot trust any script uploaded by unknown users, I miss some important security features. The first and most important is to run them with mod_suexec. The second is to use virtual directories. Is there any work in progress to get Froxler secure for shared hosts? If I can help with some PHP programming on that, just let me know where to start. Keep going on with the good work.
December 6, 201015 yr You actually can use suexec that's what FCGID is for. Virtual Directories...well, can you explain why you would need this?
December 6, 201015 yr Virtual directorys, hmm did you mean customer webs in jail? You get this with FCGID, or not?
December 12, 201015 yr Author Step 1 is done so far, The sites are running with suEXEC and FCGID. I followed the steps from: http://wiki.froxlor.org/contrib/german/de-fcgid-handbook (why is it so hard to find documentation like this on this website???) It worked fine, exept the steps of point 8 to run froxler from user froxlorlocal. I ended up with a white screen with the message: You have to make the file "./lib/userdata.inc.php" readable for the http-process! after "a2dismod php5" I can download the php-code with the browser. So it seems that the checkbox to run Froxler under FCGID isn't working. Off course, safe_mode like suggested above isn't an option for a serious hosting project.
December 12, 201015 yr (why is it so hard to find documentation like this on this website???) It's going to change, just wait It worked fine, exept the steps of point 8 to run froxler from user froxlorlocal. I ended up with a white screen with the message: You have to make the file "./lib/userdata.inc.php" readable for the http-process! Well, isn't there also a point in the handbook which sais: "chown -R froxlorlocal:froxlorlocal /var/www/froxlor" ? after "a2dismod php5" I can download the php-code with the browser. So it seems that the checkbox to run Froxler under FCGID isn't working. Then you either did something wrong, or the cronjob didn't run, etc. Please post logs and the Froxlor-Vhost Configuration (either in /etc/apache2/sites-enabled/10_*.conf or /etc/apache2/sites-enabled/99-*.conf [at the top]) Off course, safe_mode like suggested above isn't an option for a serious hosting project. Don't use it then
December 12, 201015 yr Author The problem was a conflict with the default apache .conf files The following steps solved it for me: (on Debian) 1. Prevent that Cron will crash the server while you're changing this settings /etc/init.d/cron stop 2. Comment out the line "Include /etc/apache2/ports.conf" in "/etc/apache2/apache2.conf" 3. remove the default apache configs from "/etc/apache2/sites-enabled" a2dissite 000-default a2dissite 000-default-ssl 4. In froxlor, go to "IPs und Ports" and make sure that Listen and NameVirtualHost are enabled for all IP's 5. execute the Cron-job to apply the Froxlor-settings /usr/bin/php5 -q /var/www/froxlor/scripts/froxlor_master_cronjob.php 6. Test the new config and restart Apache and Cron apache2ctl configtest apache2ctl graceful /etc/init.d/cron start Hope it saves some time for the next one with te same problem
Archived
This topic is now archived and is closed to further replies.