Warning, mod_php and mod_suphp are both enabled, this is a security risk!

For some reason PHP 5.4 got installed in our cluster slave node.
I had to uninstall it, and install PHP 5.3.3 which is what we are using in our cluster.
After installing PHP 5.3 suscessfully now I’m getting this message in the slave node’s Web Server CP:
“Warning, mod_php and mod_suphp are both enabled, this is a security risk!”

How did this happen and how do I fix it?

Also, is there a way to have the slave nodes “synchronized” with the Cluster Manager as far as the packages installed, conf files, modules, php, etc.?

I presume that all the packages, configuration, etc should be the same all across the Cluster. Correct?

Thanks for all your insight on these issues.



I hope you don’t mind but I’m no expert, but I think you need to turn off mod_php and mod_suphp by default, in the mod_suphp, by inserting these 2 lines at the top of mod_suphp, php_admin_flag engine Off and suPHP_Engine off. or for more reading, http://serverfault.com/questions/234897/running-mod-php-and-suphp-same-time

I believe also there is the php in the distro from interworx, http://updates.interworx.com/ but this maybe only for interworx which uses it’s own php.

I think in system services, web server, I think I’m correct in thinking you can set the PHP between interworx and apache, which may help until a more experienced user helps.

Please use any of the above at your own risk though, they are only suggestions.

I hope this helps and the cluster, I would have thought would be more suited if all php versions were the same, but I’m still learning about IW cluster sorry.


Thanks for your response d2d4j

For the first part, I fixed it.
php_conf ownership was root:root when it should have been iworx:iworx that is why Iworx CP could not straighten things out.
I renamed php.conf.rpmsave to php.conf which had all the lines commented out with “#IWORX-DISABLED##” and all was fine.

I’ll wait for the answer to the second question now…