mod_php Apache modules are not installed by default.
Why are not they installed?
Starting from Plesk 12.5, the following changes were made in terms of Apache modules:
mod_pythonare not included.
mod_phpstill included but disabled by default.
It was done for security reasons.
Why using these Apache modules on shared hosting is insecure:
mod_pythonrun under the account of Apache server, and therefore scripts executed by these modules can potentially access any user file. For example, files containing highly confidential personal data can be read by a script from another domain.
Security of database connections.
Database connections of other users can be hijacked, and since all users can read each other’s code, database usernames and passwords are visible to any user.
Potential system compromising.
Due to security issues in Apache code (it can be resolved by using jails or chroot mechanisms).
Which options to use Perl and Python remain:
1. By default, Python and Perl are handled by FastCGI (
2. For Python, there is no special binary and, therefore, it has to be done inside the script itself. So it is necessary to add the required code into the
.py file or use
mod_wsgi (as described in this article).
3. For Python, it is also possible to use the Application server (this option is described in this article ).
Note: If an application is designed for use with
mod_python, updating its code can be required.