Shared hosting: best practices (permissions, etc.)

[moit]

I am trying to get WB set up with a shared hosting provider and have been bitten by the permissions problem (i.e., ftp uploads as one user, webserver/php process runs as another, and so webserver/php cannot write to files and dirs).

I asked the hosting company about it, and they replied with:

"On your server, php5 runs as an apache module, so scripts are executed as the webserver user 'nobody'. If your site is compatible with php4 (which runs via suphp under your username) we can switch it to that, and correct the owner/permissions.

"Alternatively we can move your account to a server that runs both php4/php5 via suphp. Let us know how you'd like to proceed."

In a followup, they also said they would be able to change ownership of the files uploaded by ftp to 'nobody'.

So, two questions:
1) Given the choices above, which option is the best:

• Have the hosting provider manually switch file ownerships to 'nobody'. (And what happens when you need to upgrade WB? Ask them to intervene each time you upgrade?)
• Have them move my account to server that uses PHP5+suPHP. (I've never knowingly used suPHP so I have no idea what I might be getting myself into.)
• Keep the stuff on the present server and use  PHP4 with suPHP. (I would really rather not use PHP4.)

2) What are some good things to ask a hosting provider before signing on with them if you plan to run WB? (This one might be a good one for the FAQ.)

-M

[DarkViper]

From 2010-08-01 the best requirements for WB are:

• PHP 5.2 and higher
• PHP running via suphp/fastCGI
• mySQL 5.0 and higher

PHP4 => never supported
mySQL 4.1 => still works, but some future features can come in trobble
PHP as Apache-module => it still works, but with a lot of problems

[moit]

Thanx beaucoup.

[ChrusR]

From 2010-08-01 the best requirements for WB are:

• PHP 5.2 and higher
• PHP running via suphp/fastCGI
• mySQL 5.0 and higher

PHP4 => never supported
mySQL 4.1 => still works, but some future features can come in trobble
PHP as Apache-module => it still works, but with a lot of problems

This is also really useful. But my provider says that php-cgi makes more traffic and the sites load more slowly. I'm interested in reading mor info on this "dilemma" between "Fast-Apache-PHP" and "Secure-CGI-PHP". By google search I found some statements pro and contro but no technical background. Can someone provide a good info or link?

[DarkViper]

the best way to get information is php.net

FastCGI Process Manager

[Waldschwein]

the best way to get information is php.net

FastCGI Process Manager

It looks a bit like the explanation of SafeMode. 
*running away*

Most hoster nowadays have both - Apache module and FastCGI. Often you can choose them with .htaccess.
But the common opinion (about 50,01%) in the web is, that people should use apache module for performant sites and FastCGI for CMSes... The other 49,99% say the other way round...
So just try what you mean. WB doesn't need a high-performance server for normal websites, it's quite modest.

Yours Michael

[DarkViper]

tzzz... Michael.. Subject misses..   

The question was not the speed.

Apache module use different user context for PHP and FTP
fastCGI / suPHP use the same user context for PHP and FTP

that's why fastCGI / suPHP is recommended for use with websitebaker.

From this point of view also Apache-module is good and secure for each site which will have no write access to the filesystem.