Articles in this section

See more

mod_perl, mod_python, mod_php Apache modules are not installed by default in Plesk

Avatar
Alexander Tsmokalyuk
Updated
Follow
Plesk for Linux kb: how-to ABT: Group B

Applicable to:

  • Plesk for Linux

Question

mod_perl, mod_python, mod_php Apache modules are not installed by default.

Why are not they installed?

Answer

Starting from Plesk 12.5, the following changes were made in terms of Apache modules:

  • mod_perl and mod_python are not included.

  • mod_php still included but disabled by default.

It was done for security reasons.

Why using these Apache modules on shared hosting is insecure:

  1. File security.
    mod_php, mod_perl, and mod_python run under the account of Apache server, and therefore scripts executed by these modules can potentially access any user file. For example, files containing highly confidential personal data can be read by a script from another domain.

  2. Security of database connections.
    Database connections of other users can be hijacked, and since all users can read each other's code, database usernames and passwords are visible to any user.

  3. Potential system compromising.
    Due to security issues in Apache code (it can be resolved by using jails or chroot mechanisms).

Which options to use Perl and Python remain:

1. By default, Python and Perl are handled by FastCGI ( mod_fcgid module).
2. For Python, there is no special binary and, therefore, it has to be done inside the script itself. So it is necessary to add the required code into the .py file or use mod_wsgi (as described in this article).
3. For Python, it is also possible to use the Application server (this option is described in this article ).

4. As an alternative for Python support, consider using mod_wsgi which is part of CentOS and also allows Python apps to run under Apache.

Note: If an application is designed for use with mod_perl or mod_python, updating its code can be required.

Comments

4 comments

Sort by Date Votes
  • Avatar
    Fouad Ahmed Fouad

    File security with mod_php could be resolved by using other modules like mod_ruid2 which will enable every web site to work under its user owner such as FastCGI.

    Mod_php still needed in some scenarios such as when using a shared folder among web sites, some companies use Plesk to manage their own web sites and not as a shared hosting platform, so they have shared folders among web sites to store shared big images folders among web sites, I have a like scenario which a folder of 150G is shared among about 8 web sites.

     

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov (Edited )

    Hello @Fouad, 

    As it is stated in this article, Apache doesn’t allow multiple versions of PHP using mod_phpmod_php can be enabled only for OS PHP.
    To enable mod_php for OS PHP check Apache handler is not available in Plesk article.

    Please, note that enabling the mod_php Apache handler is not safe as it is outdated and insecure.
    Check this article for instructions to add PHP modules.

    0
    Comment actions Permalink
  • Avatar
    Fouad Ahmed Fouad

    Hello Ivan,

          Some companies have to use mod_php on its own Plesk servers because they share code among their web sites, please note that not ALL companies are using Plesk for web hosting!

    For now I try on Obsedian to enable mod_php and when I tried to visit the links you recommended it says,

    You're not authorized to access this page

    This company for example share a folder which its size is about 500G among web sites hosted on their own Plesk, I need mod_php so I can use Apache user to be able to read and write to this folder from all sites hosted at Plesk, can you recommend another solution?

    I know i could greate a new group and add all web site system users to it so they share folders but I see to use mod_php is easier as this server has that config and it works well. please advise?

     

    0
    Comment actions Permalink
  • Avatar
    Yulia Plokhotnikova

    Hi @Fouad Ahmed Fouad,

    Indeed, the article was hidden as enabling mod_php can lead to serious security issues. But I will send instructions for you here so that you can enable it on your side:

    1. In Plesk, go to Tools & Settings > Apache Web Server:

      1.1. Change the MPM mode to Prefork.

      1.2. Click Apply.

      1.3. Enable the 'php5' module.

      1.4. Click OK.

      • Additionally on Debian/Ubuntu-based distributions, connect to a Plesk server via SSH and apply the following commands additionally:

        touch /var/lib/apache2/module/disabled_by_admin/mpm_event
        # touch /var/lib/apache2/module/enabled_by_admin/mpm_prefork
        # touch /var/lib/apache2/module/enabled_by_admin/php5

    2. Then, go to Tools & Settings > PHP Settings. and enable the Apache mod_php handler.

    3. To set the Apache mod_php handler for a domain, go to Domains > example.com > PHP Settings: Select PHP version by OS vendor and run PHP as mod_php.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles