On most Apache web servers PHP is run as an Apache module which is the default/standard method of running Apache on a web server. Because PHP runs as an Apache module all PHP applications are executed with the user

ID of the web server which is usually the "nobody" user but can be set to any user ID that the system administrator wants to use. With PHPsuexec all PHP applications are executed with the user ID of the account that they are associated with and not the user ID of the Apache server.


Why are we switching to PHPsuexec?

We are switching to PHPsuexec because it improves the security and operation of the servers. Currently if an account is running malicious PHP scripts such as scripts used to send spam or cause performance issues on the server it can take a while to track down which account is causing the problem and resolve it. With PHPsuexec enabled we can find the offending account in minutes and resolve the problem caused by the offending script. PHPsuexec will also solve some of the file and directory ownership and permission problems that some of you have had with various PHP applications .




Keywords: Apache ,web servers, PHP , Apache module w, PHP applications , user, administrator ,Apache server,PHPsuexec,security , PHP scripts,file , directory ownership ,permission problems