2 Questions

[virile]

Hi there,

I currently lease a VPS semi-managed server and turned it into a free web hosting service.

cPanel 11.24.5-S38506 - WHM 11.24.2 - X 3.9

CENTOS 5.4 i686 virtuozzo on ******

Fully Licensed.

1.) Our members are asking for edits such as register_globals off/on and basedir enabled/disabled without having to create their own .htaccess and ini files and placing them in the directories they need.

As you can see above the WHM / cPanel are up to date but when I edit the features manager php.ini EZConfig is not available for an option to select for my members.

Does any one know how to fix this ? There is nothing online about this matter what key words you type in. cPanel forums also has nothing on this particular topic for ezconfig.

2.) cpanel3-skel

On my other dedicated server this shows so I can create random placeholder pages. But on the VPS I do not see cpanel3-skel any where. How do I add this directory?

Note: I do not use SSH. I use the WHM via Browser and I use WinSCP to edit or access the root directory of the VPS.

Thank you in advance.

[eth00]

That config is a global config. If you want to do php.ini differently for different people enable SuPHP and put a php.ini into their public_html. Since they do not want to do it you can modify it for them yourself.

I would be really careful about this...sounds like a receipt for disaster and opening yourself up to abuse. Free webhosting can be a pretty risky thing and warez/exploits are common.

[Spiral]

You would have to be a moron to allow for custom PHP configs for a FREE hosting service

(And I am using the word "moron" deliberately here to amplify the seriousness of the security risk you pose to yourself doing that)

That config is a global config. If you want to do php.ini differently for different people enable SuPHP and put a php.ini into their public_html. Since they do not want to do it you can modify it for them yourself.

I agree on the recommendation for SuPHP but DO NOT ever put a PHP.INI in the user's "public_html" or allow that function!

Doing so will enable the user to override **ALL** PHP settings and will result in a much bigger security hole than if you were just simply running insecure Apache module (DSO) based PHP which is at least partially limited in configuration override access!

There is much better ways to setup custom access that this which don't open yourself to such an enormous security risk!

[virile]

As for being blunt and saying I would have to be a moron, I didn't enable anything yet. However I agree and I will be more specific next time I ask for user support and suggestions here. The VPS is a new service I started on top of the shared server I run and offer free hosting on.

Some account holders on the VPS are complaining because they do not have these personal setting options like they did when they were on the shared server. (I got some members to transfer to the vps). So I am in this position now trying to set up personal setting options like I have on the dedicated shared server.

@ Spiral, your website page has file:///D:/MSE/services.html as link on your services page.

I am greatful for your feedback; what else do you recommend?

[cPanelDon]

You would have to be a moron to allow for custom PHP configs for a FREE hosting service

(And I am using the word "moron" deliberately here to amplify the seriousness of the security risk you pose to yourself doing that)

Please refrain from using derogatory remarks when trying to help others; stating your personal opinion is acceptable but I will politely ask that when posting the behavior remains professional and courteous to fellow forum users.

Each server operator and or business owner may decide for themselves the specific configurations they wish to allow, disallow, or otherwise use as it relates to the policies and types of sites or customers they wish to host.

Here is an example of how the message could be rewritten:
In my opinion, I believe that when in a shared hosting environment it would not be wise to allow users the ability to create and use custom PHP configuration (php.ini) files due to the potential risk of abuse. This may be something to consider when devising administrative policies (e.g., AUP & TOS).