Search results

It is fine as long as it is not 80 or 2080, or default 8088 is good choice, actually, you could remove that listener later, since it is configured through Apache httpd.conf.

Access logging can be turned off internally with vhosts configured via our web console, it cannot be turned off when LSWS read apache configuration. You can remove the log file with a cron job.

There are definitely a few other ways to break things intentionally. ;)

How often do you need to restart LSWS five times in a row within 5 seconds period? Why do you need to do that? It could be a problem if all rails applications are set to "run on startup", so you got 20 rails frameworks to be initialized at start up. We probably will add a feature to let user...

Please make sure your python script can be started successfully from command. The jon.fcgi package might be outdated, I failed to run it with Python2.5, maybe you should try the fcgi module in flup package. It should not matter that TCP socket or Unix socket was used.

Does it work when you access http://serverdoamin.com/squirrelmail ? You probably just need to make "default_pref" world readable. chmod a+r default_pref Same for the "data" directory if need.

Yes, chroot is a enterprise feature. Since LSWS can run all scripts in suEXEC mode, including PHP and CGI, do not need a feature like mod_ruid, and mod_ruid is not that safe without kernel patches. Answer to your second question is: No.

Web Server run as nobody:nobody User's document root is owned by user:nobody with permission mask 0750 Force GID to another user id: web-share. For anything need to be shared server wide, should owned by nobody:web-share, with permission mask of 0750 or 0770, depends on whether you want a user...

LSWS can run PHP, CGI in suEXEC mode, usually under the uid/gid of the owner of document root. And you can force the gid to something else.

LSWS has built-in watch dog process, unless there are hardware problem or mis-configuration, LSWS will never go down. :)

You can pretty much do the same thing with LSWS. Whatever you can do with Apache, you can do it with LSWS.

Sorry about that. I thought we mentioned that in the tutorial. Fixed.

Are you using cPanel or other control panel? If you use cPanel, you need to install LSWS as nobody:nobody, if you use direct admin, you need to install LSWS as apache:apache, do not import apache configuration during installation. do not use port 80 and port 2080 during installation. Please...

For the first question, it is normal, LSWS itself will deny access to those directories, but not for the scripts executed. for php you need to set "open_basedir". One way to strict access to some directories is to run the script in a chroot jail, but it will require a lot of extra work to build...

You can use our caccti integration, tutorial is in our wiki.

There is an uninstall script under lsws/admn/misc. give it a try, then you can remove the lsws directory.

The way Unix/Linux file system permission works is that if the parent directory is not world readable, then its sub-directories are not world readable no matter what the permission mask is on the subdirectory. So, if the permission of a user's home directory has been set properly, then other...

Not a problem. Some of the restriction of Apache suEXEC is not necessary to me, as when you make suEXEC happy with the script permission, the end result might be exactly as what LSWS produce without those restrictions. :) Basically, we want our suEXEC implementation easy to use while maintain...

I might be wrong, but I believe the 500 error is not because the CGI accessing another user's file, Apache will not check what the script does. Apache suEXEC has many restrictions, in this case, maybe the requirement of ownership of the script does not meet. You will get 500 error even when the...

LiteSpeed uses the uid/gid of the owner of the document root, instead of the owner of the script, in most cases, those two should match. When they do not match, document root uid is preferred, as it is more secure to us.