PHP Selector and litespeed ?
Forum
  1. Forums
  2. General
  3. General Discussion
  1. Richard Hordern
  2. 13.01.2013
  3.  Subscribe via email
Hello,

On our latest setup we have configuration PHP fcgid with APC + CageFS with PHP selector + ASL + Unixy Varnish

We recently discovered that (at least out of the box) Unixy Varnish plugin is not completly compatible with shared hosting because the Varnish admin console is accessible to all users. Their support suggested changeing the port or uninstalling all plugins that access varnish configuration, but this is not good enough for a shared hosting server. A single user with the right knowledge (or lack or knowledge) can crash varnish !

Because ASL uses around 170MB per httpd process we rearly need some form of cache we can activate on sites which have a large amount of visits.

We\'re now thinking about trying Litespeed to see how good it is.

I\'ve read a few requests on their forums asking them to make Litespeed compatible with PHP Selector.

Is PHP Selector still not compatible with Litespeed ? Can CloudLinux do anything about this or would we have to wait for Litespeed to do something about this ?

Litespeed allows users to change their PHP version with .htaccess, and to install multiple PHP versions from source.

Would it be possible to install alt-php and configure litespeed to use alt-php instances so that all PHP versions could be updated with yum instead of recompiling PHP from source each time.

I can live without the ability for users to change modules, and without having the ability to select PHP version directly in cPanel (but have to edit htaccess files) at least until a solution is found. But I would like to not have to manually compile multiple PHP versions on every serever.

Thanks
Rate this post:
  1. 13.01.2013 10:01:29
  2. # 1
Igor Seletskiy Accepted Answer
Posts: 1201
Joined: 09.02.2010
0
Votes
Undo
PHP Selector is currently not compatible with LiteSpeed. It is one of the next things we plan to take care off.
  1. 13.01.2013 10:01:05
  2. # 2
Richard Hordern Accepted Answer
Posts: 219
Joined: 19.03.2011
0
Votes
Undo
Thanks :)

At the moment we only rearly need PHP 5.3 as quite a few scripts are still buggy with PHP 5.4 but in a year or so it will be important to have PHP 5.4 as well as PHP 5.3.

Until then we will manually compile PHP 5.2 for the few sites that aren\'t compatible with PHP 5.3 :)

Do you think we can hope for PHP selector to work with litespeed within the next year ?
  1. 13.01.2013 10:01:32
  2. # 3
Igor Seletskiy Accepted Answer
Posts: 1201
Joined: 09.02.2010
0
Votes
Undo
Richard,

I hope for Q1 of 2013.
  1. 13.01.2013 13:01:31
  2. # 4
UNIXy UNIXy Accepted Answer
Posts: 2
Joined: 13.01.2013
0
Votes
Undo
Hi Richard,

Did you miss the part in the ticket where we presented you with an actual security measure you can take right now to prevent this from happening? Perhaps you posted this before reading the ticket entry in question? Here it is again for your and other folks information:

Richard: Does this mean that your varnish plugin is not completly compatible with a server that will be used for shared hosting ?

UNIXY
: No it is depending on what you intend to use it. You can prevent server access by following this article: http://www.unixy.net/secure/knowledgebase/128/How-to-protect-access-to-the-admin-console-of-Varnish.html

At the very least, please be considerate so as to not spread misinformation. It's important to wait for an answer from Varnish support especially when it relates to important matters like is the case here (FYI support is only available during week day business hours).

Thank you
  1. 13.01.2013 15:01:57
  2. # 5
Richard Hordern Accepted Answer
Posts: 219
Joined: 19.03.2011
0
Votes
Undo
Hello Unixy,

Yes I saw your answer after posting here. Your first answer was to not use the PHP module or change the port which I didn\'t concider secure enough.
Your second answer is a little better, I presume that with a long secret file it\'s as good as a password on the MySQL user when used along side with CageFS.

I haven\'t abadoned your plugin yet and recently your support has been fast but I do want to give litespeed a go for these reasons :

1) Files that aren\'t in cache should show faster as Varnish depends on Apache for the initial load and litespeed says it is faster then Apache

2) Litespeed allows users to activate cache or deactivate in their .htaccess file. They can choose TTL on a per file name or URL basis


3) Litespeed has a will with alot of information as well as a forum Unixy does not have much of a wiki and doesn\'t have a forum and support can sometimes be slow without any way of searching or asking help fr om other members

4) Litespeed will hopefully allow me to run APC with one cache per user wh ereas apache + fcgid I have to run multiple caches per user



5) Fr om what I have read (I haven\'t actually verified yet) cPanel bandmin counts local bandwith and therefore (if this is true) shows wrong values of bandwith in the statas (could be resolved by removing all lim its for users but users wouldn\'t be able to know the true value of bandwith they used).

Have you thought about making it possible for each cPanel user to be able to activate or deactivate varnish with a cPanel plugin or .htaccess file like Litespeed does it ? It seems to make more sense to detect certain headers then for the server admin to have to do all these settings.

If I use Litespeed I will build a simple .htaccess generator in PHP with a few options to allow users to simply activate their cache. (With preconfigured scripts and a list of disallowed URLS for example).

If I have issues with litespeed or if it\'s slower I will be back to Varnish for sure :)
  1. 13.01.2013 22:01:21
  2. # 6
UNIXy UNIXy Accepted Answer
Posts: 2
Joined: 13.01.2013
0
Votes
Undo
I didn't see a correction to your post (following the security measure post in our support portal). Hence my reply here. Please open a request in the Varnish queue if you have any question regarding the plugin. I'd hate to derail your thread here since it's about Litespeed and CloudLinux. Feel free carry on.


Regards
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.