php.ini per dir with php running as cgi

**vesko** · 12-13-2007 08:42 AM

Hello,

Because of security concerns I'm running php as CGI+suexec instead as a module. How in this configuration I can have a php.ini per dir (or at least php.ini per virtual host)? I tried to replace the /usr/local/scripts/cgi-bin/php5 with a wrapper (intending to use the PHPRC variable) but immediately run into suexec security restrictions. Before continuing the struggle with the wrapper & suexec I decided to ask here:
Is there a way using WHM to set this, or any other "canonical" way to do it?
Any hints are welcome.

**sabarishks** · 04-17-2008 12:16 PM

1. Moving php5 binary:

mv /usr/local/cpanel/cgi-sys/php5 /usr/local/cpanel/cgi-sys/php5.bin

2. Then creating wrapper file in the /usr/local/cpanel/cgi-sys/php5 with the following content:

#!/bin/bash

# This will fake the name & path and hide the /usr/local/cpanel/cgi-sys/php5 path!
export SCRIPT_NAME=$REQUEST_URI
export SCRIPT_FILENAME=$PATH_TRANSLATED
export PWD=$DOCUMENT_ROOT

if [ -f "$DOCUMENT_ROOT/php.ini" ]; then
exec /usr/local/cpanel/cgi-sys/php5.bin -c $DOCUMENT_ROOT
else
exec /usr/local/cpanel/cgi-sys/php5.bin
fi

3. Save the file and change the permissons:

chown root:wheel /usr/local/cpanel/cgi-sys/php5*;
chmod 755 /usr/local/cpanel/cgi-sys/php5*;

**kenashkov** · 04-18-2008 04:02 AM

Hi,
I managet to get it working per virtual host with this wrapper (I also came up to the idea that it has to be chowned to root/wheel

):

Code:

#!/bin/sh
user=`whoami`
export PHPRC=/home/$user/public_html
exec /usr/local/cpanel/cgi-sys/php5bin

I reworked your wrapper to look like this:

Code:

#!/bin/bash

# This will fake the name & path and hide the /usr/local/cpanel/cgi-sys/php5 path!
export PWD=$DOCUMENT_ROOT

export PHPRC=`dirname $PATH_TRANSLATED`/php.ini

exec /usr/local/cpanel/cgi-sys/php5bin

The PWD has to be exported to hide the path.
I prefer to use the PHPRC, because it will just look in the specified directory for php.ini, because with the '-c' you have to first check does the files exists (as you do in your example).

**cpanelkenneth** · 04-18-2008 09:39 AM

Use mod_suphp. It will give you what you want, without having to jump through hoops with fragile wrappers.

LinkBack

Thread Tools

php.ini per dir with php running as cgi

Try this...

Individual php.ini files for PHP FCGI and PHP CGI

custom php.ini with php handler set as cgi

Running /scripts/postupcp...Can't open /var/cpanel/3rdparty/etc/php.ini: No such file

PHP5 not detecting php.ini in user's home dir

php5(cgi) ignoring php.ini files in user dirs