Announcement

**tapan** · 03-25-2016, 07:20 AM

Hi,

I had a server with CentOS 7.2 and had mod_ruid2 + DSO. All was fine then I installed CloudLinux as I came to know mod_isapi is faster etc. But sadly it does
t seems to be getting installed or working or something. Becuase when I had mod_isapi I changed handler to FCGI but it resulted in sites not opening. So I changed handler to DSO and sites worked but CSF firewall said that suphp should be used.

Hence I un-installed mod_isapi and recomplied apache back to mod_ruid2. Now CSF is also happy etc. But my real question is, CloudLinux + mod_ruid2 good speed and security wise ???

Thanks.

**bogdan.sh** · 03-25-2016, 08:42 AM

Hi,

Well, mod_lsapi and ruid2 are not compatible so it should be disabled, according to our requirements http://docs.cloudlinux.com/index.htm...mod_lsapi.html

The method that definitely work:

switch PHP to fcgid with cpanel
run cagefsctl --force-update so site could work with php fcgid
install mod_lsapi
enable mod_lsapi for one domain just to test. then enable globally.

**tapan** · 03-25-2016, 10:21 AM

Hi,

I have done fcgi now, but when I am checking server security in CSF firewall it says:

---

Check suPHP:
To reduce the risk of hackers accessing all sites on the server from a compromised PHP web script, you should enable suPHP when you build apache/php. Note that there are sideeffects when enabling suPHP on a server and you should be aware of these before enabling it. Don forget to enable it as the default PHP handler in WHM > PHP 5 Handler

---

How to fix that ???

Thanks.

**clm** · 03-25-2016, 10:41 AM

Don belive everything CSF says.

For instance CSF says you should run SSH on a non standard port, however if you run it on a port above 1024 and sshd crashes a user could potentially launch a script on the same port and intercept all incomming traffic so on our new servers we have moved back to port 22.

When CSF added the suphp warning it was in the days when suphp was the norm, now its much better in terms of performance and just as safe to run Apache with lsapi. Just make sure PHPs running with PHPs user and not with nobody and you should be fine.

**tapan** · 03-25-2016, 10:45 AM

HI,

Thanks for the advice. Can you please tell me how do I make sure that PHPs running with PHPs user and not with nobody ??

Thanks.

**clm** · 03-25-2016, 10:47 AM

Run a php script and either create a file with it and check the file owner or un ps aux |grep php while the script is running and that show show you what user is running PHP.

**tapan** · 03-26-2016, 02:27 PM

Hi,

My question again is:

Does CL (specifically Cagefs and LVE) works if Apache is complied with mod_ruid2 ???

Thanks.

**tapan** · 03-30-2016, 01:40 PM

Hi,

I had very bad experience with mod_lsapi and mysql governor. As soon as both were installed apache and mysql started crashing. I had 2 different teams working to resolve the issue but it didn and finally I gave up and uninstalled both of the them and after that apache and mysql didn crash. I am on centos 7 and apache + suphp.

So only cage and lve works rest of the things are useless I believe and thats why cl installer also doesn installs them put of the box. I hope cl listens to this and does something about it.

Thanks.

**bogdan.sh** · 03-30-2016, 02:34 PM

Hello Tapan,

We are really interested to find out the core of the issue, but never got a reports about similar problem. Could you please create a ticket at https://helpdesk.cloudlinux.com/ and provide us with as much information as you have? Maybe some core files created or so?

What works with ruid2 and what does not could be found in our compatibility matrix: http://docs.cloudlinux.com/index.htm...ty_matrix.html .

**webmaster** · 04-08-2016, 09:44 AM

Tapan,

Did you migrate from CentOS or did you install CL on a fresh server? Weve installed CL on all our new servers and everyting works perfectly. I was very impressed with mod_lsapi (LiteSpeed) that actually increasedspeed by over 3 times compared to Apache. Looking forward to the next cPanel build and installing EasyApache 4.

**tapan** · 04-09-2016, 09:59 AM

Hi,

Yes I migrated from CentOS to CL. Now I am also using mod_lsapi and mysql governor but now I am getting Suspicious Process running emails etc.

Thanks.

**webmaster** · 04-09-2016, 04:49 PM

Care to share? Ive had a few issues with mail too that I managed to resolve,

Btw, you remeber to always to
cagefsctl --force-update
service httpd restart
yes?

**bogdan.sh** · 04-13-2016, 10:42 AM

Who is sending this report to you? You may add /usr/selector/lsphp to whitelist there so you will not be bothered. From other side - yes it is suspicious it is running for 70+ seconds however it could depend from LVE speed limit and number of requests for this LVE.

**tapan** · 04-15-2016, 02:27 AM

I think its CSF. How do I limit the time ???? Secondly what lve speed limit and number of requests you use ???

I currently have the following for all my packages:

===
Speed: 100%
VMem (MB): -
Pmem (MB): 1024
EP: 20
NProc: 100
IO: 1024
IOPS: 1024
INODES: -|-
===

How / what is best ?? My server is 16 cores with 96 GB RAM.

Thanks.

Announcement

CloudLinux with mod_ruid2 ?

CloudLinux with mod_ruid2 ?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment