Setting up your own PHP-FPM and Webserver under your own cPanel user

So, a random question popped into my head today: is it possible to run your own webserver under your own cPanel user and have port 80 proxied to it without root access?

I went ahead and set up a pretty awesome webserver that I found a while back called Caddy.

I then set up a basic configuration (Caddyfile) that looked like this:

===

http://vmnode.com:4355 {
gzip
root /home/vmnodecom/cadtest
log /home/vmnodecom/caddy/test.log
}

===

I started it up without issue.

I then wanted to figure out how I can proxy Apache Port 80 to Caddy Port 4355. After a bit of digging through the Apache Documentation, I came up with this .htaccess:

===

Options +FollowSymLinks -Indexes

IndexIgnore *

DirectoryIndex

<IfModule mod_rewrite.c>

RewriteEngine on

# Proxy every request to Caddy on port 4355 (the [P] flag hands the request to mod_proxy):
RewriteRule ^(.*)$ http://vmnode.com:4355/$1 [P]

</IfModule>

===

I placed an index.html within /home/vmnodecom/cadtest and then visited http://vmnode.com and it loaded the index.html!

I then became curious (after wondering whether my IP was actually proxied correctly, which it was) whether I could go a step further and install PHP-FPM as the user to get a working PHP stack.

I downloaded the PHP version that I wanted from http://php.net/get/php-5.6.20.tar.bz2/from/a/mirror and unpacked it within a “source” directory. I then went ahead and read through the configure documentation and came up with this configuration line:

===

./configure --enable-fpm --with-fpm-user=vmnodecom --with-fpm-group=vmnodecom --prefix=/home/vmnodecom/php

===

I configured it, ran make and make install, and it was installed. I then copied /home/vmnodecom/php/etc/php-fpm.conf.default to /home/vmnodecom/php/etc/php-fpm.conf and changed the listener from a port to a socket. It looked like this:

===

vmnodecom@web [~/php/etc]# diff php-fpm.conf{,.default}
164c164
< listen = /home/vmnodecom/php/var/run/fpm.sock
---
> listen = 127.0.0.1:9000

===
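
Added example, not part of the original post: on a shared cPanel server the `listen` value decides who can speak FastCGI to this pool, because a loopback TCP port accepts connections from every local account while a unix socket is governed by file permissions. The shell sketch below classifies the value and checks the socket mode; the function names and the sample config lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit where a user-level PHP-FPM pool listens.

# Print the effective (last uncommented) "listen" value from a php-fpm.conf.
fpm_listen_value() {
    sed -n '/^[[:space:]]*listen[[:space:]]*=/{s/^[^=]*=[[:space:]]*//;s/[[:space:]]*$//;p;}' "$1" | tail -n 1
}

# Classify a listen value the way php-fpm interprets it.
classify_listen() {
    case "$1" in
        '')                echo missing ;;
        /*)                echo unix ;;      # filesystem socket: access follows file permissions
        127.*:*|'[::1]:'*) echo loopback ;;  # TCP on loopback: every local account can connect
        *)                 echo exposed ;;   # bare port or other address: not limited to this host
    esac
}

# Succeed only when the path grants nothing to "other" (last three mode characters).
is_closed_to_others() {
    [ "$(ls -ld "$1" | cut -c8-10)" = "---" ]
}

# Report on one config file; returns non-zero when the listener needs attention.
audit_fpm_conf() {
    value=$(fpm_listen_value "$1")
    case "$(classify_listen "$value")" in
        unix)
            if [ -e "$value" ] && ! is_closed_to_others "$value"; then
                echo "WARN: $value is open to all local accounts"; return 1
            fi
            echo "OK: unix socket $value" ;;
        loopback) echo "WARN: $value accepts FastCGI from any local account"; return 1 ;;
        exposed)  echo "WARN: $value is not limited to this host"; return 1 ;;
        missing)  echo "WARN: no listen directive in $1"; return 1 ;;
    esac
}

# Constructed sample mirroring the two listen values shown in the diff above.
sample=$(mktemp)
printf '%s\n' ';listen = 9000' 'listen = 127.0.0.1:9000' > "$sample"
audit_fpm_conf "$sample" || true
printf '%s\n' 'listen = /home/vmnodecom/php/var/run/fpm.sock' >> "$sample"
audit_fpm_conf "$sample" || true
rm -f "$sample"
```

The socket's parent directories also need to deny traversal to other accounts for the file mode to be the only gate.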

I went ahead and navigated to /home/vmnodecom/php/sbin/php-fpm and started it; it started without issue.

I added a line to my Caddyfile:

===

http://vmnode.com:4355 {
gzip
root /home/vmnodecom/cadtest
log /home/vmnodecom/caddy/test.log
fastcgi / /home/vmnodecom/php/var/run/fpm.sock
}

===

I restarted Caddy, created a phpinfo index.php and it worked!

Moving all the things!

So, (I assume) like a lot of you, I have been hosting my Mail on Google. I got sick of the idea of other people owning my Data.

I have been working on moving a lot of things to my own environments. This includes my Mail, which was hosted on Google. My Calendars, which were also hosted on Google. My Repositories, which were in random places such as GitHub and Bitbucket. My files, which were on Google Drive.

I do have to say, it feels pretty awesome to actually be in full control of my own data. I back everything that is critical (cPanel (Email/Web), Files (OwnCloud), Repositories (GitLab)) up via TarSnap.

I have also been hardening my SSH access via ZeroTier, making SSH accessible only to my internal network.

I have also been using Wildcard SSL Certificates; I am starting to like the idea of 90-day SSL certificates with automated renewal instead. Because of this, I am now working on migrating from my Wildcard SSL Certificates to Let’s Encrypt!

After the SSL stuff is done, I want to look further into Dockerizing most of my applications so that things hosted on the same VM are further sandboxed to lessen the attack surface.