CageFS and PHP Selector Installation- CloudLinux on cPanel Server

Jul 26 • All • 1771 Views • No Comments on CageFS and PHP Selector Installation- CloudLinux on cPanel Server

What makes CloudLinux different is that in CloudLinux, each user has his own LVE ( Light Weight Environment ). Quoting from the CloudLinux Documentation:

LVE (Lightweight Virtual Environment) is a kernel level technology that allows you to control resources for group of processes. Such technology allows for application level virtualization, and especially beneficial for multi-tenant environments such as shared hosting. In shared hosting environment, such limits make sure that no single site can slow down or take down a server.

Apart from that there are also many other advantages to using CloudLinux including

1) Advanced server security

2)  Multiple PHP versions (through PHP Selector)

3) A user wont be able to peek at other users running processes.

4) Symlink attacks can be prevented

5) Hardened kernel

6) Server configuration files are hidden from users.

7) User won’t be able to see other users’ files. In fact he cannot even list other accounts. If a user navigates to /home and lists the directories/files all he can see is his home directory.

8) Admin interface within cPanel & WHM software to easily manage account usage Within cPanel, CloudLinux gives the visibility and accessibility to see and control the exact resource usage of each website.

Even though users are caged, they will in no way feel restricted.

Requirements for Installing CageFS

For CloudLinux 5 version, lve0.8.54 or above and for CloudLinux 6 version, lve1.2.17.1 or above is required.

At least 7 G of disk space is required. Please note that these are the minimum requirements and as you can figure out, the higher the better.

Depending upon the number of users which are to be added up to 8MB per customer in /var directory to store custom /etc directory and disk space of 5GB to 20GB is required in /usr/share directory to store safe skeleton of filesystem.

CageFS installation

There are no hard configuration steps required. To install CageFs, login to the server as root and issue the following commands.

root@server:~#yum install cagefs

Next is to create skeleton directory which is about 7GB in size.

root@server:~#/usr/sbin/cagefsctl –init

If  /usr/share directory does not have enough disk space, then follow the steps below to place cagefs skeleton in different location.

root@server:~#mkdir /home/cagefs-skeleton


root@server:~#ln -s /home/cagefs-skeleton /usr/share/cagefs-skeleton

assuming /home has sufficient space and that is the directory you are choosing. If a different path is to be used, tweak the command accordingly.

If you have changed the skeleton directory to /home, then follow the below step also.

Log into WHM >> Server configuration >> Basic cPanel/WHM setup

In Additional Home directories under Basic Config section, change the value to blank (not default “home”).

Once this setup is done, you can enable CageFS for users. By default, CageFS will be disabled for all users.

PHP Selector installation.

The installation steps are as follows. Login as root and issue the command

root@server:~#yum groupinstall alt-php

Next step is to update CageFS and LVE Manager with support for all PHP alternatives

root@server:~#yum update cagefs lvemanager

Thats it 🙂

In the WHM >> Packages >> Feature Manager, make sure ‘Select PHP version‘ is enabled. (edit the package in question there to enable it)

222

Once this is enabled, default location for alt-php will be as follows:

The configuration file (php.ini) path for your PHP (for version 5.4) will be /opt/alt/php54/etc
Loaded configuration file – /opt/alt/php54/etc/php.ini and similarly for other PHP Versions. (the directory in /opt/alt will be different respecitve to the version needed)

After enabling PHP Selector, placing custom php.ini files to accounts’ in public_html folder will break the website. Custom PHP settings can be done through cPanel >> Select PHP Version or else PHP Values should be specified in .htaccess file.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

« »