NoPic eZine
  
Home
phpWebSite designAid@0.10.2
phpWebSite designAid@1.0.0
phpWebSite Main
phpWebSite Forum 1.x
phpWebSite AT (Rene)
phpWebSite CA (Verdon)
phpWebSite CO.UK
phpWebSite DE,EU
phpWebSite DK (Kenneth)
phpWebSite NL
phpWebSite Community
phpWebSite Manual
phpWebSite SupportForum
phpWebSite Wiki
phpWebSite SVN
Impressum/Imprint
Datenschutz/Policies
dc4db eZines
 

   en

1.3.Analyze WebSpaces

Most people intended to use or to try phpWebsite have a shared WebSpace of any kind. To analyze what is given is not very difficult. A function like phpinfo() for example just shows essential details.

A code snipple called pwsdiag is a small php script to analyze the surrounding environment. The code fetches some configuration options and writes an unimportant file to see the owner and permissions. pwsdiag does not require phpWebsite just being installed, rather then wants to give preliminary informations for a successfull setup of phpWebsite.

  • Download pwsdiag, available at

    • sourceforge.net

  • Transfer pwsdiag to your webSpace (to the public web folder, something that sounds like public_html).
  • With your webBrowser, call the Url of your site, like:
    //your.domain.any/pwsdiag.php

The output looks like:

Expl.1 Section 1

1.1.Php-OS and version......: Linux, 5.2.3-1ubuntu6.3
1.2.WebServer...............: Apache/2.2.4 (Ubuntu) mod_fastcgi/2.4.2
                              PHP/5.2.3-1ubuntu6.3 mod_ssl/2.2.4
                              OpenSSL/0.9.8e
1.3.Php Running Mode........: apache2handler
1.4.Protocol................: HTTP/1.1
1.5.DocumentRoot............: /var/www/web5/web
1.6.WebAddress..............: pws140.local.vnet
1.7.MemoryLimit.............: global:128M, local:128M
1.8.MaxExecTime.............: global:30s, local:30s
1.9.SafeMode ...............: global:Off, local:Off

Is telling the operating system family, the Php environment and some webServer details. At item 1.2, the keywords cgi/fcgi telling the general possibilities of cgi modes Php is configured with; that does not mean such mode is just used. The fact, in this example, Php is not running with cgi/fcgi is seen at item 1.3, where apache2handler is told instead of any cgi/fcgi handler.

Expl.1 Section 2

2.1.SystemUserContext.......: web5_u2
2.2.SystemUser..............: web5_u2,10006
2.3.SystemUserHomeDir.......: /var/www/web5 (real part out off chroot)
2.4.SystemUserGroup ........: web5,10005,m=(admispconfig,web5_u2)
2.5.File Permissions........: 0644 (-rw-r--r--)

Is telling the sysUser. The sysUser is the one Php reports as current user, assigned to the running Php process. That may be a self speaking webServer account name, or an account name you have the suspicion its yours.

Expl.1 Section 3

3.1.WebServerUserContext....: www-data
3.2.WebServerUser...........: www-data,33
3.3.WebServerHomeDir........: /var/www (real)
3.4.WebServerGroup..........: www-data,33,m=()

Is telling the webServer user context - the user the webServer is assigned to.

If the shown users are the same between section 2 and section 3 AND 1.3 omits any cgi indice, that is probably a simple server condition. The mentioned user of 2.1 is probably not the account you are using for FTP or similar.

If the shown users are the same between section 2 and section 3 AND 1.3 tells an cgi indice, best with an fcgi indice, AND the mentioned user is not the native Apache webServer account, you are close to a sufficient environment.

If the shown users differ between section 2 and section 3, the user environment (!) is probably chrooted. Such situation AND 1.3 omits any cgi indice, let it assume the sites environment (!) is not well chooted because of insufficient (or very intended) conditions to Apache's suexec. Exact such situation prevents a successfull content management use. Problems will arise, showing in the next section.

Expl.1 Section 4

4.1.Writing a file at.......: /var/www/web5/web = possible
4.2.FileOwner...............: www-data,33
4.3.FileGroup...............: www-data,33
4.4.FilePermissions.........: 0664 (-rw-rw-r--)

The pwsdiag script writes a file, named test.nop (the name tells how important this file is for the future). Who has written the file? Be sure: the webServer (the assigned sysUser the webServer runs with). Try to open the file with an editor, it is readable because of world readable permission (in this case here). But to try to save, to write with an editor, gains no success because of permissions equalized to not writeable for the world. Try to delete the file is prevented with the same reason. Exactly that is the trap your are in when driving a content management system in an unsuitable webSpace. Believe or not, there is no exit out of trap.

Expl.1 Section 5

5.1.Apache moduless loaded..: core
                              http_core
                              mod_actions
                              mod_alias
                              mod_auth_basic
                              :

Tells, perhaps, the webServers modules loaded. May telling nothing. That circumstance depends on cgi mode. If (any) modules are shown, Apache runs in module mode and is not wrapped to any cgi mode. Thus, you are shared anyway in a fashion, where the webServer with Php has preferered performance, but you are probably an anybody user with only very minor permissions, or chrooted. Most probably also, you are not able to change any permissions.

Conclusion: Simply that shown webSpace example is not worth one cent if you want to run a cms. If you pay one cent or more, you pay too much.

Expl.2

To have a view to an example sufficient enough for any cms to run:

1.1.Php-OS and version......: Linux, 5.2.3-1ubuntu6.3
1.2.WebServer...............: Apache/2.2.4 (Ubuntu) mod_fastcgi/2.4.2
                              PHP/5.2.3-1ubuntu6.3 mod_ssl/2.2.4
                              OpenSSL/0.9.8e
1.3.Php Running Mode........: cgi-fcgi
1.4.Protocol................: HTTP/1.1
1.5.DocumentRoot............: /var/www/web6/web
1.6.WebAddress..............: pws0102.local.vnet
1.7.MemoryLimit.............: global:32M, local:32M
1.8.MaxExecTime.............: global:30s, local:30s
1.9.SafeMode ...............: global:Off, local:Off

Item 1.3 shows cgi/fcgi - well ...

2.1.SystemUserContext.......: web6_u1
2.2.SystemUser..............: web6_u1,10007
2.3.SystemUserHomeDir.......: /var/www/web6 (real part out off chroot)
2.4.SystemUserGroup ........: web6,10006,m=(admispconfig,web6_u1)
2.5.File Permissions........: 0644 (-rw-r--r--)

Section 2 tells an user hopefully we detect our own ...

3.1.WebServerUserContext....: web6_u1
3.2.WebServerUser...........: web6_u1,10007
3.3.WebServerHomeDir........: /var/www/web6/ (real part out off chroot)
3.4.WebServerGroup..........: web6,10006,m=(admispconfig,web6_u1)

Section 3 shows an user very probably not the native webServer User; we are on the right side of the road ...

4.1.Writing a file at.......: /var/www/web6/web = possible
4.2.FileOwner...............: web6_u1,10007
4.3.FileGroup...............: web6,10006
4.4.FilePermissions.........: 0664 (-rw-rw-r--)

Section 4, with no surprise, shows the same user as in sections 2 and 3. The preconditions for phpWebsite looking very well.

5.1.Apache moduless loaded..: n/a because of cgi mode

That should be clear (is success).

Conclusion:

There are only some essentials reviewed for the setup and run of phpWebsite. Of course, a lot of parameters - like memory size available to you, and many much more, each may cause some trouble. But first, try to understand the elementary preconditions. Anything else may be solved a bit easier.

And, you should grant the output of pwsdiag not to the public, because there are some intim data echoed. That means, remove the pwsdiag script to a place outside the public folders, or rename is to something that is harmless, or simply delete it.

Any remarks, questions etc about the theme are requested to the associated sourceforge forum thread.

Copyright © 2006,2007,2008 VbID Verlagsbüro GmbH
pWS modules dcP, dcS, dc4db, Copyright © 2006,2007,2008 VbID Verlagsbüro GmbH
This Site is powered by phpWebSite © The Web Technology Group, Appalachian State University