Here are my notes on creating a LAMP server with FastCGI/SuExec on the latest CentOS 6.1. I prefer to use CentOS since it is fully Hyper-V happy, and quiet well supported.
This assumes the “Basic Server” installation on CentOS 6.1. MySQL is installed, but not configured – but that’s an easy one to do. This also includes a bit at the end to run SSH for SFTP on port 24 so that you can allow external users in without them messing around with other users data.
# Centos 6.1 LAMP Server with Fast CGI and SuExec
# Install prereqs
yum install httpd httpd-devel php-mysql mysql-server php gcc
# Fast CGI
cd /opt
wget http://www.fastcgi.com/dist/mod_fastcgi-current.tar.gz
tar -zxvf mod_fastcgi-current.tar.gz
cd mod_fastcgi*
cp Makefile.AP2 Makefile
make top_dir=/usr/lib64/httpd
make install top_dir=/usr/lib64/httpd
echo "LoadModule fastcgi_module modules/mod_fastcgi.so" > /etc/httpd/conf.d/mod_fastcgi.conf
echo "DirectoryIndex index.php default.php" >> /etc/httpd/conf.d/mod_fastcgi.conf
echo "" >> /etc/httpd/conf.d/mod_fastcgi.conf
echo "<IfModule mod_fastcgi.c>" >> /etc/httpd/conf.d/mod_fastcgi.conf
echo " AddHandler fastcgi-script .fcgi" >> /etc/httpd/conf.d/mod_fastcgi.conf
echo " FastCgiWrapper /usr/sbin/suexec" >> /etc/httpd/conf.d/mod_fastcgi.conf
echo " FastCgiIpcDir fcgi/" >> /etc/httpd/conf.d/mod_fastcgi.conf
echo " FastCgiConfig -singleThreshold 1 -autoUpdate -idle-timeout 240 -pass-header HTTP_AUTHORIZATION" >> /etc/httpd/conf.d/mod_fastcgi.conf
echo "</IfModule>" >> /etc/httpd/conf.d/mod_fastcgi.conf
chmod 755 /usr/sbin/suexec
chmod +s /usr/sbin/suexec
mkdir /etc/httpd/fcgi
mkdir /etc/httpd/fcgi/dynamic
chmod 777 /etc/httpd/fcgi -R
# Switch to worker mode
echo "HTTPD=/usr/sbin/httpd.worker" >> /etc/sysconfig/httpd
# Create the skeleton
cd /opt
mkdir skel
mkdir skel/logs
mkdir skel/homepage
mkdir skel/cgi-bin
echo $’#\x21/bin/sh’ > skel/cgi-bin/php.fcgi
echo "PHP_CGI=/usr/bin/php-cgi" >> skel/cgi-bin/php.fcgi
echo "PHP_FCGI_CHILDREN=2" >> skel/cgi-bin/php.fcgi
echo "PHP_FCGI_MAX_REQUESTS=1000" >> skel/cgi-bin/php.fcgi
echo "### no editing below ###" >> skel/cgi-bin/php.fcgi
echo "export PHP_FCGI_CHILDREN" >> skel/cgi-bin/php.fcgi
echo "export PHP_FCGI_MAX_REQUESTS" >> skel/cgi-bin/php.fcgi
echo "exec \$PHP_CGI" >> skel/cgi-bin/php.fcgi
chmod 755 skel/cgi-bin/php.fcgi
# Vhost template
mkdir /etc/httpd/conf.d/hosts
echo "<VirtualHost *:80>" > /etc/httpd/conf.d/template
echo " ServerAdmin webmaster@DOMAIN" >> /etc/httpd/conf.d/template
echo " ServerName DOMAIN" >> /etc/httpd/conf.d/template
echo " ServerAlias *.DOMAIN" >> /etc/httpd/conf.d/template
echo " DocumentRoot /var/www/USER/homepage" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo " SuexecUserGroup USER USER" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo " <Directory />" >> /etc/httpd/conf.d/template
echo " Options FollowSymLinks" >> /etc/httpd/conf.d/template
echo " AllowOverride None" >> /etc/httpd/conf.d/template
echo " </Directory>" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo " <Directory /var/www/USER/homepage/>" >> /etc/httpd/conf.d/template
echo " Options -Indexes FollowSymLinks -MultiViews" >> /etc/httpd/conf.d/template
echo " AllowOverride all" >> /etc/httpd/conf.d/template
echo " Order allow,deny" >> /etc/httpd/conf.d/template
echo " Allow from all" >> /etc/httpd/conf.d/template
echo " </Directory>" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo " ScriptAlias /cgi-bin/ /var/www/USER/cgi-bin/" >> /etc/httpd/conf.d/template
echo " <Directory "/var/www/USER/cgi-bin/">" >> /etc/httpd/conf.d/template
echo " AllowOverride None" >> /etc/httpd/conf.d/template
echo " Options ExecCGI -MultiViews +SymLinksIfOwnerMatch" >> /etc/httpd/conf.d/template
echo " Order allow,deny" >> /etc/httpd/conf.d/template
echo " Allow from all" >> /etc/httpd/conf.d/template
echo " </Directory>" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo " AddHandler php-fastcgi .php" >> /etc/httpd/conf.d/template
echo " AddType application/x-httpd-php .php" >> /etc/httpd/conf.d/template
echo " DirectoryIndex index.html index.php" >> /etc/httpd/conf.d/template
echo " Action php-fastcgi /cgi-bin/php.fcgi" >> /etc/httpd/conf.d/template
echo "" >> /etc/httpd/conf.d/template
echo " ServerSignature On" >> /etc/httpd/conf.d/template
echo " ErrorLog logs/USER/error.log" >> /etc/httpd/conf.d/template
echo " CustomLog logs/USER/access.log combined" >> /etc/httpd/conf.d/template
echo "</VirtualHost>" >> /etc/httpd/conf.d/template
# turn on vhosting
echo "NameVirtualHost *:80" > /etc/httpd/conf.d/00-EnableVirtualHost.conf
echo "Include conf.d/hosts/*" >> /etc/httpd/conf.d/00-EnableVirtualHost.conf
# create a shortcut script to create webs
# usage: createweb username domainname.tld
echo $’#\x21/bin/sh’ > /usr/sbin/createweb
echo "useradd -b /var/www -d /var/www/\$1 -m -k /opt/skel -s /bin/false \$1" >> /usr/sbin/createweb
echo "chmod 755 /var/www/\$1" >> /usr/sbin/createweb
echo "chmod 755 /var/www/\$1/cgi-bin/php.fcgi" >> /usr/sbin/createweb
echo "ln -s /var/www/\$1/logs /var/log/httpd/\$1" >> /usr/sbin/createweb
echo "cp /etc/httpd/conf.d/template /etc/httpd/conf.d/hosts/\$2" >> /usr/sbin/createweb
echo "replace DOMAIN \$2 — /etc/httpd/conf.d/hosts/\$2" >> /usr/sbin/createweb
echo "replace USER \$1 — /etc/httpd/conf.d/hosts/\$2" >> /usr/sbin/createweb
echo "passwd \$1" >> /usr/sbin/createweb
echo "chown root.root /var/www/$1" >> /usr/sbin/createweb
chmod 700 /usr/sbin/createweb
# chroot jail ssh.
cd /etc/ssh
cp sshd_config sshd_config24
nano sshd_config24
# Change the following
Port 24
PermitRootLogin no
ChrootDirectory /var/www/%u
Subsystem sftp internal-sftp
# Startup on reboot
echo "/usr/sbin/sshd -f /etc/ssh/sshd_config24" >> /etc/rc.d/rc.local
#Start Now
/usr/sbin/sshd -f /etc/ssh/sshd_config24