Tuesday, March 11, 2008

Configuring Joomla Safe Mode on a Plesk box


At Cadent, we use Parallels Plesk Control Panel Software for Hosting on our servers (we’ve also used the open source Webmin and the commercial CPanel). Plesk has a great user interface, which our clients appreciate.

It also imposes its own way of doing things, which can be a bit of a pain when tracking down subtle issues with server configuration. Because Plesk rewrites many configuration files automatically, it’s really critical to ensure that I make any manual changes to the server configuration in the right place, or Plesk will overwrite my efforts without remorse.

The issue we needed to address was this: we installed Joomla! 1.0 on our development server, and Joomla reported the following configuration problems:
• Safe mode was on, needs to be off.
• The session directory was unwriteable.

PHP: Safe Mode is a global setting that allows only a file's owner or group to execute the script or read a file. Clearly, this is a good thing for security reasons, but it is now officially deprecated in PHP 6, since it is not "architecturally" correct. Nevertheless, Joomla 1.0 wants it off. Since the server hosts multiple domains, we don’t want to turn off safe mode for the entire server by changing the settings in /etc/php.ini. Instead, we want to implement it “locally,” as Joomla terms it. In Joomla 1.0, you can compare the local and master settings for PHP on the PHP Info tab, available from the administrator interface via System > System Info.

The session directory issue was also thornier than expected. After logging in as root and changing the permissions for the specified directory, and restarting Apache, Joomla still refused to recognize the changed status of the session directory -- even though I could see Joomla writing session files to the specified directory!

I logged in to the bash shell via ssh to check the directory permissions. A simple bash command lists permissions by file:

# ls -lh /var/www/vhosts/domain.com/httpdocs/
...
drwxr-xr-x  9 ftplogin psacln 4.0K Mar 11 10:42 administrator
drwxrwxrwx  2 ftplogin psacln 4.0K Mar 11 10:42 cache
-rw-r--r--  1 ftplogin psacln 103K Mar 11 10:42 CHANGELOG.php
drwxrwxrwx 18 ftplogin psacln 4.0K Mar 18 02:52 components
...

The user name “ftplogin” is the account that uploads & maintains the files via FTP, and “psacln” is the Plesk group for ... something. Anyway, neither of these is “apache” and that’s the account that needs to execute the PHP scripts for Joomla to run.

At first, I thought there might be some conflict with PHP’s open_basedir (see the PHP: Safe Mode - Manual for details) but after checking to ensure that the session directory was in the open_basedir path, we determined the problem was elsewhere. Since open_basedir is associated with Safe Mode in PHP, it made sense to try to fix the Safe Mode issue first.

At first glance, this seems the perfect opportunity to use .htaccess files, but for some reason, this didn’t work. I turned to the Apache configuration files. The master configuration file, in /etc/httpd/conf/httpd.conf, is certainly not the place to make local settings changes. Plesk stores domain-level Apache configuration settings in

/var/www/vhosts/<domainname>/conf/httpd.include

but this isn’t the place to make changes either, as noted in the file header:

[root@domain.com ~]# cat /var/www/vhosts/domain.com/conf/httpd.include | head -8
# ATTENTION!
# DO NOT MODIFY THIS FILE OR ANY PART OF IT. THIS CAN RESULT IN IMPROPER PLESK
# FUNCTIONING OR FAILURE, CAUSE DAMAGE AND LOSS OF DATA. IF YOU REQUIRE CUSTOM
# MODIFICATIONS TO BE APPLIED TO THE CONFIGURATION, PLEASE, PERFORM THEM IN THE
# FOLLOWING FILE(S):
# /var/www/vhosts/domain.com/conf/vhost.conf
# /var/www/vhosts/domain.com/conf/vhost_ssl.conf
# /var/www/vhosts/domain.com/subdomains/<subdomain-name>/conf/vhost.conf

Note that I’ve substituted the generic “domain.com” for our actual domain name.

Since we are staging the site in a subdomain, I looked into the last option. After some difficulty, like the malformed config file that I wrote that prevented Apache from restarting, I succeeded with these steps:
1. Create a vhost.conf file with the correct directive in the specified directory.
2. Tell Plesk about the new vhost.conf file.
3. Restart Apache.

Those steps, executed correctly, fixed both the Safe Mode and the session directory issues. Here’s what I did at the command line, logged in as root (using ssh, obviously!).

Create vhost.conf file

Create the new file.

[root@server ~]# nano /var/www/vhosts/domain.com/subdomains/<subdomain-name>/conf/vhost.conf

Enter:

<Directory /var/www/vhosts/domain.com/subdomains/<subdomain-name>/httpdocs>
php_admin_flag safe_mode off
</Directory>

Save & exit.

Tell Plesk about the new vhost.conf file

[root@server ~]# /usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=domain.com

Restart Apache

[root@server ~]# /etc/rc.d/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]

Finally, check the settings in Joomla (System > System Info) -- all set!
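
An added example, not part of the original post: a small Python check to run on a vhost.conf body before telling Plesk about it, confirming that the <Directory> block is closed and that safe_mode is switched off only for the intended document root. The "staging" subdomain, the sample file bodies and the function name audit_vhost_conf are constructed for illustration.

```python
import re

# Constructed sample inputs, not from the original post; "staging" is a made-up subdomain.
DOCROOT = "/var/www/vhosts/domain.com/subdomains/staging/httpdocs"
GOOD = f"<Directory {DOCROOT}>\nphp_admin_flag safe_mode off\n</Directory>\n"
UNCLOSED = f"<Directory {DOCROOT}>\nphp_admin_flag safe_mode off\n"
TOO_WIDE = "php_admin_flag safe_mode off\n"
WRONG_DIR = ("<Directory /var/www/vhosts/domain.com/httpdocs>\n"
             "php_admin_flag safe_mode off\n</Directory>\n")

OPEN = re.compile(r'<Directory\s+"?([^">]+)"?\s*>$', re.I)
CLOSE = re.compile(r"</Directory\s*>$", re.I)
FLAG = re.compile(r"php_(?:admin_)?flag\s+safe_mode\s+(\S+)$", re.I)


def audit_vhost_conf(text, docroot):
    """Return (line_no, message) findings; an empty list means the file passed."""
    want = docroot.rstrip("/")
    findings, scope = [], []  # scope: stack of (line_no, path) for open blocks
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if m := OPEN.match(line):
            scope.append((n, m.group(1).strip().rstrip("/")))
        elif CLOSE.match(line):
            if scope:
                scope.pop()
            else:
                findings.append((n, "</Directory> without a matching open tag"))
        # Assumption: any value other than on/1 switches the flag off.
        elif (m := FLAG.match(line)) and m.group(1).lower() not in ("on", "1"):
            if not scope:
                findings.append((n, "safe_mode disabled for the whole vhost"))
            elif scope[-1][1] != want:
                findings.append((n, f"safe_mode disabled for {scope[-1][1]}"))
    # An unclosed block is a syntax error that keeps Apache from starting.
    findings += [(n, f"<Directory {p}> never closed") for n, p in scope]
    return findings


if __name__ == "__main__":
    for name in ("GOOD", "UNCLOSED", "TOO_WIDE", "WRONG_DIR"):
        print(name, audit_vhost_conf(globals()[name], DOCROOT) or "ok")
```

Apache's own syntax check, httpd -t, is still worth running after Plesk regenerates the includes and before the restart.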
