Getting Server 500 Errors on your PHP Scripts

When a PHP script requires write-access to a file or directory (like Nucleus does for the 'media'-directory if you want to be able to upload pictures, etc.), you have to chmod that directory (or file) to 777 (or 666 for files) on most servers. This gives world write access to this folder (file). This is because on most servers, Apache (and PHP) runs as user 'nobody'.
Although giving world write access will make it possible to use the script, it also means a security hole that can be used by hackers and other riff-raff.

To avoid this security hole some ISP's install PHPSuExec on their servers (like mine did a few days ago). Using PHPSuExec, PHP runs under your own username on the server. This removes the necessity to make files and folders world writable. Instead you can just use 755 for folders (the default) and 644 for files (also the default).

But using PHPSuExec has some other consequences: some statements in your .htaccess file will result in an error 500 (internal server error). So here are the two problems and how to solve them (these problems are Apache-specific, since IIS isn't as advanced as Apache):

ForceType
When you are using files with (or without) an extension different from the normal extension for that filetype, you can use ForceType in your .htaccess file to make it clear to the server how to handle that file (or all the files in the folder) This works on servers without PHPSuExec.
An example: When you have a file called 'item' (like Nucleus uses for FancyURL's) and want it to be parsed by the server as PHP, you use the following code in your .htaccess file:

??? ForceType application/x-httpd-php


However, when your server uses PHPSuExec this will result in an internal server error. To solve this you can simply use SetHandler instead of ForceType, so your .htaccess-file becomes:

??? SetHandler application/x-httpd-php

php_value
On a server without PHPSuExec, it is possible to use the php_value statement in a .htaccess-file to change settings of PHP (actually overwrite the settings from php.ini). On a sever with PHPSuExec this will also result in a server error. To solve this you can use a php.ini file in the same folder where have put your .htaccess file. In that php.ini file you can change all the PHP values. You only have to put the values you want to modify in that file. For example if you want to set the short_open_tag to Off you would have used short_open_tag? = off in your .htaccess file. Using a php.ini file this results in:

[PHP]
short_open_tag = Off
  • 152 Utilisateurs l'ont trouvée utile
Cette réponse était-elle pertinente?

Articles connexes

How do I Make a Strong Password?

The following article will give guidelines on how to make a stronger, more secure password....

Why is there a red X where my image should be?

There are 2 main reasons this could be happening. 1. The image is not in the folder. Have...

How to do a Traceroute

Traceroute is a command which can show the path of a packet of information taken from your...

How do I add a Favorites icon to my site?

Step 1 - Creating the Image     Using your favorite graphics software, create...

How do I list files in directory?

Sometimes, for one reason or another, you will have no index file in your directory and will...