03300 885 250

Technical Infrastructure Status

We believe in full transparency, everything you see here is 100% live.
RESOLVED
This announcement has been resolved, no further updates are expected.
Transition to suPHP (schedule)
This announcement is related to our upcoming work on all reseller servers to enable suphp. suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter. In more general terms, enabling suphp will add an additional layer of security and remove issues related to file ownership permissions when using popular PHP based applications such as Wordpress and Joomla.

We will be carrying out this change on those servers listed below:

--------------
April 26, 2010 - 12:00 AM EST
--------------
baker
iha
king
prince

--------------
April 26, 2010 - 10:00 PM GMT
--------------
ace
atkins
barat
beck
bellamy
berry
blackmore
buckley

--------------
April 27, 2010 - 10:00 PM GMT
--------------
butler
carr
clapton
collins
coombes
davies
doherty
edge

--------------
April 28, 2010 - 10:00 PM GMT
--------------
fripp
gallagher
gem
gilmour
greenwood
harrison
harvey
hazel

--------------
April 29, 2010 - 10:00 PM GMT
--------------
hendrix
iommi
knopfler
may
mccartney
miller
oldfield
page

--------------
April 30, 2010 - 10:00 PM GMT
--------------
pierce
richards
ronson
santana
slash
townshend
utley
white
young


This is quite a large scale change but we'd first like to reassure all clients that in the vast majority of cases there will be no difference and the work will be un-noticable. In fact, we have been running suphp on our shared hosting servers for some months now with ZERO problems or issues and all previous upgrades have gone very well. This announcement is aimed at highlighting some of the slight differences when PHP is running in a suphp environment.

1. Permissions (WILL BE HANDLED BY US)

With suphp it will not be possible to make insecure permission settings to scripts such as 777 world writable. Any PHP files should be set to 644 (or less) with directories set to 755 (or less). This is a much more secure hosting environment and any changes to permissions or ownership required on existing scripts will be handled by us as part of the work.

Any files currently set to 777, 757, etc. will be changed to 755 as a safe global change, you can change them to 644 from there, if you wish. This only changes files and directories that are currently set to group or world write permissions and ignores any other files. This changes more than php files, to be the most safe and consistent change, in case you have any CGI files or other that are too open (and insecure) with its permission. Finally, any files that need to be set to "read only" should be set to 444 or 400.

2. .htaccess php rules (WILL BE HANDLED BY US)

At the moment it is possible to change some php options by using a line in a .htaccess file such as "php_value option x" or "php_flag option x". This will no longer be possible after the suphp install and any php options will need to be configured in a file called php.ini using the syntax 'option_name = "value"'. Once again, we will take care of converting lines of .htaccess files to php.ini files at the time of the work.

3. SetHandler rules

Any clients who have setup SetHander rules will need to change these as follows. Any instances of:
ForceType application/x-httpd-php
or
SetHandler application/x-httpd-php

Need to be sure they use -php5 instead of -php:

ForceType application/x-httpd-php5
and
SetHandler application/x-httpd-php5

4. Account quotas

To date, any files created using a PHP script have been under Apache ownership and not counted towards the user account quota. This will change and all quotas will be much more accurate after the work which is a major benefit for account accuracy and when clients with to modify files created using scripts via FTP which will be possible without issue with suphp.

5. Joomla

For any clients using Joomla, it is important to have the $live_site variable configured with the domain of the account. Most installs should already have this set but it's worth taking a few seconds to check before this work is done.

If anyone has any questions please feel free to contact us at help@clook.info
Updated by Alec B. on 14th Apr 2010 @ 17:22pm