I need to set up a server to enable 5,000 students to have web hosting provided by the school with PHP and MySQL support. I'm trying to figure out what is the best way to do this.

We have Active Directory and are using Centrify to authenticate usernames and passwords on our Linux servers. I am imagining it would be great if we use something like ExecCGI to ensure that PHP runs as the user that owns the files. We would then provide FTP access to the files and FTP would authenticate against Active Directory making sure to set the proper user/group on files when uploaded.

I see that PHP-FPM exists: and it claims "Ability to start workers with different uid/gid/chroot/environment and different php.ini (replaces safe_mode)" which is exactly what I'm looking for. It also claims "PHP-FPM is now included in PHP core as of PHP 5.3.3." so that's good.

I also read about the greatness that is NGinX: though I don't know if I can use it because I think I also need to use .htaccess files. I need a way for students to be able to password protect their directories and files. If there's another way using NGinX or Apache, that's good too. I know of no other way.

Here is an interesting article from 2009:

That uses mod_rewrite to attempt something like what I'm trying to do ... and then, Apache has mod_vhost_alias:

So, I see a lot of information out there. Apache, NginX, ExecCGI, FastCGI, mod_vhost_alias, mod_rewrite, SuExec, mod_userdir. I suspect some of these methods are old and out of date.

In my ideal situation:

 - users would be created in AD and would exist on the OS

 - student domain names would look like:
        http://<username> - OR -<username>/

 - file directories would look like:

 - students would be able to create PHP applications executed with
        their own permissions

 - I would be able to configure all 5,000 accounts with a single
        configuration (1 virtual host rule?)

Do you know what the "best practices" are for now ... here in 2012?

-- Dante

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to