UserDirectoryPHP

Revision 15 as of 2010-05-05 04:42:54


Purpose

When completed, this procedure allows users to securely run PHP files from ~/public_html/ to manipulate their own files.

Procedure

Do not use the method in the Old Procedure section to set up PHP interpretation in users' home directories; the old procedure is insecure and wastes performance. If all you need is to enable PHP scripts in users' personal public_html directories, do the following:

sudo apt-get install php5
sudo a2enmod php5

At this point, Apache and PHP are installed and ready to go. A recent update to the Lucid distribution, however, requires a slight change to /etc/apache2/mods-available/php5.conf to re-enable interpretation in users' home directories; previous distributions do not require this change. Open this file in your favorite editor as root (sudo gedit /etc/apache2/mods-available/php5.conf will suffice) and comment out (or remove) the following lines:

    <IfModule mod_userdir.c>
        <Directory /home/*/public_html>
            php_admin_value engine Off
        </Directory>
    </IfModule>

Once this has been done, restart apache2 with the usual sudo /etc/init.d/apache2 restart and PHP should be successfully installed and working.

Security note: Running PHP scripts in users' home directories was not disabled for a frivolous reason -- PHP is a full programming language, and as such, can be used by attackers in nefarious ways. Ideally, the PHP engine should only be enabled for users you (the system administrator) trust, and even then sparingly. To do this, instead of removing the above lines, create a file (as root) called /etc/apache2/conf.d/php-in-homedirs.conf with the following contents:

    <IfModule mod_userdir.c>
        <Directory /home/$USERNAME/public_html>
            php_admin_value engine On
        </Directory>
    </IfModule>

Replace $USERNAME with the name of the user for whom you want to enable PHP. The <Directory> section may be repeated as many times as necessary. Save the file and restart Apache with sudo /etc/init.d/apache2 restart; PHP should then be enabled only for the users listed in this file. See the Apache documentation on the Directory tag for more information.
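One way to build that file for several trusted users, as an added example that is not part of the original procedure. The function names are hypothetical, and the user name pattern (lowercase letters, digits, _ and -) is an assumed conservative rule that keeps wildcards and path characters out of the <Directory> path, so a stray * cannot re-enable PHP for everyone.

```shell
#!/bin/sh
# Added example (not from the original page): print the contents of
# /etc/apache2/conf.d/php-in-homedirs.conf for an explicit list of users.
LC_ALL=C; export LC_ALL   # make the a-z ranges below mean ASCII only

# valid_username NAME
# Assumed rule: starts with a lowercase letter or _, then only a-z 0-9 _ -.
# Rejects "", "*", "../x", "a b", "alice>" and similar.
valid_username() {
    case "$1" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    return 0
}

# gen_php_homedirs_conf USER...
# Validates every name first, so nothing is printed if any name is rejected.
gen_php_homedirs_conf() {
    if [ "$#" -eq 0 ]; then
        echo "usage: gen_php_homedirs_conf USER..." >&2
        return 2
    fi
    for u in "$@"; do
        if ! valid_username "$u"; then
            echo "refusing invalid user name: $u" >&2
            return 1
        fi
    done
    echo '<IfModule mod_userdir.c>'
    for u in "$@"; do
        printf '    <Directory /home/%s/public_html>\n' "$u"
        printf '        php_admin_value engine On\n'
        printf '    </Directory>\n'
    done
    echo '</IfModule>'
}

# Typical use (alice and bob are constructed sample names):
#   gen_php_homedirs_conf alice bob | sudo tee /etc/apache2/conf.d/php-in-homedirs.conf
#   sudo apache2ctl configtest && sudo /etc/init.d/apache2 restart
```
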

Old Procedure

Note: The method below, which lets all users execute their own PHP scripts as themselves, is dangerous to the users' data and possibly to the system itself, especially if it is enabled system-wide. As a result, it should be avoided at all costs.

Install Apache 2, PHP 5, and support for executing pseudo-binaries.

sudo apt-get install apache2 php5-cgi binfmt-support

Configure PHP 5 to run .php scripts from the shell.

sudo update-binfmts --install PHP /usr/bin/php5-cgi --extension php

Enable necessary Apache modules.

sudo a2enmod rewrite
sudo a2enmod suexec
sudo a2enmod include
sudo a2enmod userdir

Enable Apache's handling of PHP files. Add the following line to /etc/apache2/apache2.conf:

AddHandler cgi-script .php

Configure the userdir module. Uncomment the following lines in /etc/apache2/apache2.conf.

UserDir public_html
UserDir disabled root

<Directory /home/*/public_html>
        AllowOverride FileInfo AuthConfig Limit
        Options Indexes SymLinksIfOwnerMatch IncludesNoExec
</Directory>

Add the ExecCGI option. The block should now appear as below.

UserDir public_html
UserDir disabled root

<Directory /home/*/public_html>
        AllowOverride FileInfo AuthConfig Limit
        Options Indexes SymLinksIfOwnerMatch IncludesNoExec ExecCGI
</Directory>

Reload the Apache configuration.

sudo /etc/init.d/apache2 force-reload