What's WP
Find Everything Related to WordPress - Best Tutoriasl on WordPress!
What is suPHP and Why to Use It for WordPress?

What is suPHP and Why to Use It for WordPress?

With an increasing number of hackers and malicious intruders, more and more site owners attach extra importance on security issues. Apart from following security tips and using security plugins, suPHP is also an essential and useful tool to keep your website safe. When you utilize some applications that are based on PHP like WordPress, Joomla, and Drupal, suPHP helps to keep virus away and run your website under proper environment.

Although the tool is useful and indispensible, some people may not know the basic definition about suPHP, let alone its usage. Therefore, to help readers increase website managing knowledge and enhance website protection, we introduce what is suPHP, why to use it for your WordPress website, as well as where to get the useful tool. Note that the article is written in simple language to ensure everyone can understand it easily, even those who know nothing about website managing.

What Is suPHP?

suPHP is a tool used for executing PHP scripts under the permission of the script owners. It comes with a special program that lets the owner to decide who have the access to a certain file. In this way, it offers a robust layer of protection on web servers.

suPHP security

Till now, suPHP has more than ten versions and the newest one is 0.7.2 released in 2013. This version is much more secure than the former ones because it fixes the secure problems existing in 0.7.0, which has negative impact on source-highlighting feature. Now, with the new version, your website can be safe and sound.

Why to Use suPHP for WordPress?

As regular PHP runs on the web server as user “nobody” and doesn’t require the execute flag, every user on the same server can read your PHP file because you share the same username – nobody. However, there are some private files that are not supposed to be read by every user, such as MySQL password and username.

WhyFortunately, suPHP can fix the problem entirely by asking for owner permission before PHP scripts are executed. suPHP disables all files to run where they have world write permissions or group permission and only enable the account owner to write folders or files. The practice forces every user to have correct permissions and keeps the website safe by stopping hackers uploading malicious files.

Besides, many third-party tools require a 777 permission that enables the whole world to have access to it. In this way, having a 777 permission may allow malicious intruders to upload files your account if your codes are not strong enough. However, the requirement is not apply for suPHP, which makes your website more secure. What’s more, if it tries to access to any folder with 777 permission, the tool will show an error message.

Where to Get suPHP?

After realizing how important it is to have suPHP, the next concern would be how to get one for your personal website. Of course, all the webmasters can go to the official site suPHP to find solutions and tutorials on the homepage. However, the whole process is time-consuming and complex that is hard to get hrough for many beginners.

But don’t worry; everything comes with alternative solutions. The best and easiest way to get a suPHP is to choose a web hosting already prepared the tool for subscribers. Thus, we carefully choose the following three suPHP-based web hosts for all readers. Note that all of them are affordable, reliable, and rich-featured.


Lucy has been a very experienced SEOer, technical writer, web developer, c# developer since 2002. Now she owns a startup in San Francisco, CA, focusing on running a couple of blogs to share knowledge and experience with global readers and deliver exceptional results to global sponsors by leveraging the power of Internet.