PHP handlers are necessary for everyday function of your server and determine how a PHP process is loaded on your server. To run PHP files or scripts on your site, a PHP handler is needed to decipher the code within a PHP file based on the PHP version to display the content over the web.
What kind's of PHP Handler's do we offer and support?
DSO
SuPHP
CGI
FCGl
Why would I change my PHP handler?
The reason to switch PHP handler's would depend on what you are trying to use your server for, such as if you are looking for performance, need caching for your site(s), needing a specific module enabled, and the list can go on. We will explain the differences between each handler and what it is best used for.
SuPHP
SuPHP is used on all of our Shared and Re-Seller server environments, as it is cPanel's preferred PHP handler, and is noted as the most secure PHP handler. SuPHP works by running PHP as a CGI module on the server which separates each PHP processes under the user in which is running them.
Pros:
Default cPanel PHP Handler
PHP processes run under the user in which it is owned to
Uses SuExec to run the "forked" secure PHP processes
Upload tool's on your site will provide the proper ownership and permissions to files and updates
PHP scripts are unable to be executed unless owned to the proper user
Cons:
Higher CPU usage
Creates a new PHP process whenever PHP is needed to run
World writeable files will be unable to be executed. (Files with permissions 777)
No PHP Caching utility can be used (OPCache, APC, XCache, etc.)
DSO
This is another default handler, and is commonly considered the fastest PHP handler available. DSO runs PHP as an Apache Module, meaning PHP scripts will run as Apache's default user "nobody" instead of the cPanel user.
Pros:
Considered the fastest PHP Handler.
Low CPU and Memory usage.
Option to use caching extensions
You can enable Mod_Ruid2, which will give DSO the strength in security similar to SuPHP. It creates the permissions for PHP to run as the cPanel user instead of "Nobody".
Cons:
Best used if you are only running one or a very small amount of accounts on the server
If using Mod_Ruid2, you can not use Apache Mod_userdir for temporary links to view sites (Ex: http://ServerIP/~User)
Easily exploitable if compromised due to permissions owned to "Nobody"
Auto-updates and Uploading tools from Wordpress or other CMS's will fail due to permissions
Used mainly with Apache and NginxCP as the main webserver
If an account starts to abuse resources, we are unable to determine which user is causing this (Unless running Mod_ruid2 apache module)
CGI
CGI runs PHP as a CGI module instead of an Apache module. This PHP is not commonly used as it is considered the slowest PHP handler.
Pros:
The processes still run as the user "Nobody"
If using with SuEXEC, you can see what user has made a PHP request
Cons:
Insecure
High CPU usage
Usually not recommended
FCGI
Commonly known as Fast CGI, and is a higher performance version of the CGI PHP handler and is comparable to DSO.
Pros:
Low CPU consumption
Run's PHP processes as the cPanel user
Ability to use Caching extensions
Very similar to the DSO handler
Able to work with Nginx and non-Apache webservers
Cons:
High memory consumption
PHP is running as a constant open process, rather than opening when a PHP request comes to the server
How would I change PHP Handlers?
To change your PHP handler would depend on which handler you want, as most are available in WHM, but some server's will need to be recompiled have certain modules available to PHP to make the change from within WHM.
If you are unsure of how to do this, feel free to open a ticket with our Support team to evaluate what handler would be best for your server and have this upgraded!
