Why the changes?
The first reason is we'd like to be able to offer you PHP 5 for your web site(s). Secondly security. PHP has always been notoriously hard to secure from a hosting provider's perspective. Many don't bother and security breaches are common as a result.
We've just added a bunch of security measures for PHP scripts which will ensure the integrity of your site and data, as well as for others sharing the hosting platform.
Is my site affected?
We've upgraded the software with handles serving our your web files (Apache) to version 2.2.3. We've also introduced a number of new features to our PHP service so if you host a website with us and it runs PHP scripts you'll probably want to keep reading.
If you just host "static" content (html, images etc) or scripts written in another language (e.g Perl) then this FAQ isn't so much for you, since there shouldn't have been any change to the way your site content is delivered.
These changes have no bearing on Windows hosting accounts.
Why PHP 5?
PHP 5 is now the mainstream recommended version of PHP.
Interspeed always endeavors to run versions of software for its clients in line with current industry best-practices. This ensures not only that your website is always served by a robust, secure and fast hosting platform, but also that we can quickly apply security updates if and when they come out as our software is always up-to-date.
Although PHP 5 offers many new features, it's designed to be as compatible with earlier versions of PHP as possible with little functionality being broken in the process.
PHP 5 is now the default version of PHP enabled for each site hosted at Interspeed.
What else has changed?
This restricts all PHP scripts to operating within the home user directory to which they belong for security reasons.
If for some reason your scripts need to access files outside of your home directory please contact us with the details and we can arrange it for you.
- We are using php5-cgi (plus fastcgi).
This has implications if you use php_value or php_admin_value directives in htaccess files. See below for more details.
- register_globals is now "Off" by default.
This is in line with industry best-practices see here for more information.
If your PHP application still insists on register_globals being "On" you can enable it for your site using the new MyPanel PHP Options.
- The open_basedir restriction is now in effect.
Help! My site is broken!
As part of the upgrade we've attempted to identify if your site(s) would work with PHP 5 plus any php.ini option requirements and pre-configured it for you if we've spotted any issues.
However, we can't test every page and it's possible we missed your site or script errors and have not altered its PHP options from the new defaults.
If you're getting errors on your site here is a list of common ailments and how to remedy them:
You can enable register_globals for your site using the new MyPanel PHP Options.
Changes take 15 minutes to go through.
Do you have a custom .htaccess file in this directory? If it contains "php_value" or "php_admin_value" or "php_admin_flag" Apache directives these should be either removed or encased in an "<IfModule>" statement to ensure they're compatible with php-cgi e.g:
Configuration options such as these should now be set using the new MyPanel PHP Options interface. If an option there is not available and you require it please contact us about it.
Try logging into OSCommerce as admin and setting the configuration option "Use Search-Engine Safe URLs (still in development)" to False.
You can implement safe search-engine URLs using .htaccess files and Apache mod_rewrite rules if required.
Using your FTP program "CHMOD" the file so that it is not writable.
Make sure you've typed the URL in correctly and that the files exist on the server. It's possible we had a custom Apache rule in for you which may still need updating. If you're sure the files are there and it should be working please contact us.
If you're using .htaccess files and overridding any Options directives make sure you have a "+" next to each e.g:
Options +Indexes +FollowSymLinks +Includes
- "register_globals is turned Off!" message.
- "Server Error!" page.
- My OSCommerce links don't work any more.
- "file is writable /catalog/includes/configure.php" in the page header.
- "Object not found!" error.
- "Access Forbidden 403" error.
The new MyPanel "PHP Options" module
This is available to any hosted site.
Log into MyPanel, select the account (if not already selected), click "services" then "PHP Options".