suPHP will execute php scripts as the user you specify. This enhances security by not running scripts as the web server user (nobody) or as root. So even if there is a vulnerable php script installed, it can at most execute with the permissions of the non-privileged user you choose for it to use.
PHP scripts are interpreted by suPHP and suPHP then calls the php interpreter as the specified user and interprets the scripts as that user.
Log into the WHM. Ensure you’re running the latest build else if you are not you will be prompted to upgrade when running the next step.
Go to Main » Software » EasyApache (Apache Update).
Leave Previously Saved Config checked and select Start Customizing Based on Profile.
For security reason we recommend selecting the latest versions of Apache and PHP on the next three steps unless you have good reason to stick with an older version.
Step 5 will have a screen with quite a few options on it, the one we are concerned about is the second option SuPHP. Tick the checkbox here, scroll down, and click Save and Build.
For additional security, we also recommend enabling Suhosin on this screen as well. More Info
Apache and PHP will now rebuild automatically for you, and you will not have any service downtime while this transpires. This build typically takes anywhere from 20-30 minutes to complete.
Enabling SuPHP as the Default Handler
In the WHM, go to Main » Service Configuration » Apache Configuration » PHP and SuExec Configuration, and for your specific version of PHP, select ‘suphp’ as the default handler from the dropdown list. Click Save New Configuration.
Change folder permission to 755 and files permission to 644
vi permissionchage.sh
Place the following code
cd /var/cpanel/users/
for i in *;do find /home/$i/public_html -iname “*.php” -exec chmod -v 644 {} \;; find /home/$i/public_html/ -type d -exec chmod -v 755 {} \;;done
chmod 755 permissionchage.sh
sh permissionchage.sh