cPanel Forums

partsace · #1 (**permalink**) 06-19-2009, 02:18 PM

In WHM -->
Service Configuration -->
PHP Configuration Editor -->
Switch to Advanced Mode -->

Under disable_functions, I would like to know if I can remove phpinfo from 1 domain on my server. I have tried to do this in .htaccess but I keep coming-up with a 500 error. I do not want to remove phpinfo for this setting, just the one website.

disable_functions = "show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open"

Thanks for your help,

Scott

krizag · #2 (**permalink**) 06-19-2009, 05:12 PM

You can add this by creating a file named php.ini in the document root of the account.

The content of the file will be:

disable_functions = "show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open"

But this will work if the php is compiled as CGI, if not it will give 500 internal server error.

partsace · #3 (**permalink**) 06-20-2009, 10:27 AM

It was NOT complied as CGI. Can I recompile it without causing any problems with my already existing accounts?

Scott

fineline · #4 (**permalink**) 06-20-2009, 03:39 PM

Read the PHP manual....

disable_functions string
This directive allows you to disable certain functions for security reasons. It takes on a comma-delimited list of function names. disable_functions is not affected by Safe Mode. This directive must be set in php.ini For example, you cannot set this in httpd.conf.

Ronniev · #5 (**permalink**) 06-20-2009, 03:54 PM

Hello,
You can compile php with the CGI by using WHM -->
Service Configuration --> Configure PHP and SuExec -->Apache Configuration -->PHP and SuExec Configuration.
Some time some php script affect after that setting but you can easily solve that problem.

fineline · #6 (**permalink**) 06-20-2009, 04:01 PM

That will work. I would just be careful. When you do that A user can then override anthing with a custom php.ini I think the only thing they can't override is enabling the exec function.

Spiral · #7 (**permalink**) 06-21-2009, 09:33 PM

Quote:

Originally Posted by krizag

You can add this by creating a file named php.ini in the document root of the account.

Krizag, you can't say this without knowing how the poster's PHP is configured ...

What you describe is the method to set custom PHP settings for an account
if the PHP on the system is setup as the old phpSuExec.

Under DSO (Apache Module) based DSO, settings could be changed for
an individual site view the main httpd.conf (for restricted settings) or
from a .htaccess file in the users account (for general settings).

Under SuPHP, you would need to add a custom PHP directive to the
user's virtualhost configuration in httpd.conf that points to another PHP.INI
file that you have setup somewhere else on the system.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
php.ini and override default php.ini	areh	cPanel and WHM Discussions	6	08-24-2009 06:45 PM
Question about PHP security, setting up multiple php.ini files?	sirbrent	cPanel and WHM Discussions	0	10-01-2008 11:58 AM
php safe mode on or disable_functions screwing up fantastico	bsasninja	cPanel and WHM Discussions	4	09-12-2006 12:16 PM
What is the right way for PHP disable_functions ?	docenta	cPanel and WHM Discussions	5	06-19-2006 04:04 PM
Disabling local php.ini while php still runs in SUExec mode	gizmoh	cPanel and WHM Discussions	0	06-10-2005 12:34 PM