UPDATE~! I upgraded to Plesk 10 and the below didn’t work. So check here for the new way to get Plesk10 and PHP5 and suPHP and Apache2 working nicely together.
I installed suPHP on a plesk box, works
great for all the client vhost websites, all their PHP scripts run with
their respective user account privellages.
However, suPHP was enabled for every PHP script which ran under apache. This caused a few issues especially for the webmail php scripts, which reside in /usr/share/psa-horde/
When I tried to access webmail, the browser was giving me back an Internal Server Error and I was seeing these in the log files:
[warn] UID of script "/usr/share/psa-horde/index.php" is smaller than min_uid
[warn] Script "/usr/share/psa-horde/index.php" resolving to
"/usr/share/psa-horde/index.php" not within configured docroot
[error] [client X.X.X.X] SoftException in Application.cpp:199: Script "/usr/share/psa-horde/index.php"
resolving to "/usr/share/psa-horde/index.php" not within configured docroot
you look in the suphp config file /etc/suphp/suphp.conf you will see
that the docroot is /var/www/, any scripts outside this location will
not be executed. I played around a bit with permissions and config
files, in the end this is the solution I came up with :
Step 1: Edit /etc/apache2/mods-enabled/suphp.conf
Comment out everything, this will prevent suPHP from affecting every php script on your site.
# AddHandler x-httpd-php .php .php3 .php4 .php5 .phtml
# suPHP_AddHandler x-httpd-php
# suPHP_Engine on
# # Use a specific php config file (a dir which contains a php.ini file)
# suPHP_ConfigPath /etc/php4/cgi/suphp/
# # Tells mod_suphp NOT to handle requests with the type <mime-type>.
# suPHP_RemoveHandler <mime-type>
Step 2: Make a new file: /etc/apache2/conf.d/zzz_su_php.conf
Enable suPHP only for your plesk vhosts.
Put this in the file:
AddHandler x-httpd-php .php .php3 .php4 .php5 .phtml
Now suPHP will only affect your client websites running under /var/www/vhosts, and not your other global webmail etc.. scripts.
Hope it helps someone.