Use php handler DSO to save your web hosting account from being hacked

How I saved my Linux web hosting account from hacking attempts.

The most serious threat your web hosting account faces is that .htaccess may be misused to redirect your traffic to some other destination. Tinkering robots.txt can seriously affect your crawl by Google etc.

I simply stumbled upon this technique when trying to optimize my web hosting account on Centos using Cpanel/WHM.

Using this technique you improve your hosting performance and also lower your memory usage.

Simply change your PHP-handler to DSO. It is same as erstwhile mod_php. You gain huge performance gain compared to SuPHP mode.

Now the Apache server runs as nobody user. Any hacker trying to gain access can only run as 'nobody' user.

Here is the technique.

Note:Replace 'login' with your account user name.

Run this as root user:

set -x

for login in  account1 account2
do
if cd /home/$login/public_html
then
chmod -R 777 .
chown -R nobody:nobody .
find .  \( -name .htaccess -o  -name 'robots.txt' \)  -exec chmod 755 {} \; -exec chown $login.$login {} \;  -exec ls -l {} \;
chown $login.$login . *
chmod 555 . .. *
chown root.root . ..
echo "done"
fi
done

Now chmod everything else to 777 and owner as nobody:nobody as required by DSO mode otherwise your files may not upload and you may get strange errors.

Also don't run this if your site is linked using symbolic links.

So what it does is that it disallows write/remove permissions from the public_html and all files/directories directly in it( and not further).

It also removes write permission in all the .htaccess and robots.txt files. So any hacker will not be able to hack into .htaccess of the public_html and the one in your site folder.

So finally you're saved from disaster happening in with your site by manipulating it's .httaccess files.

When adding domains or email accounts change permission of your home folder and www and www/* to 777 and after you've done, rerun this script from root.

I suggest to setup up some monitoring programs to catch infections regularly.

Please also read steps I took to recover from Pharma Hacking