The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Allowing Custom PHP.INI files

Discussion in 'General Discussion' started by martynh, Oct 11, 2009.

  1. martynh

    martynh Active Member

    Joined:
    Oct 6, 2009
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    I have been playing about with this allday but can't get it working, I have a client that wants to disable register_globals so I told them to create a custom php.ini but they reported its not working so I had a look and it wasnt, I turned it on global and the script worked so its 100% not working with a custom php.ini.

    I have tried nearly everything I have found in forums without any look so I have come to you guys. Is there a setting to allow or disallow them?

    Please let me know what info I need to provide you with to find this problem


    Thank you
     
  2. martynh

    martynh Active Member

    Joined:
    Oct 6, 2009
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
  3. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Are you telling me you have "register_globals" turned on globally? :eek:

    Bad ... bad idea! ;)

    If anything, you should do it the other way around and have it OFF
    by default for the whole server and only turn it on for those specific accounts that absolutely have to have it and can't find any other solutions.

    Now regarding your custom setting problem, I can help you with that.
    Contact me by private message and I'll help you diagnose what is
    going on and perhaps upgrade things a bit for you.
     
  4. martynh

    martynh Active Member

    Joined:
    Oct 6, 2009
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    Argh... sorry people, I was ment that they want it enabled but I have it disabled globally...

    Thanks!

    I have sent you a message.
     
  5. linux7802

    linux7802 Well-Known Member

    Joined:
    Dec 14, 2007
    Messages:
    232
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Solution

    As per query it seems to be that you are confuse with SuExec server.The custom php.ini concept is working on only SuExec enabled server.First you need to confirm that your server is SuExec or not? refer following thread and check whether your server is SuExec or not?

    Simply check server is SuExec or not? | Linux Servers cPanel webhosting blog

    Once you confirm it that your server is SuExec then please copy and paste the php.ini file in each an every folder where you want to disable register_globals for your domain.

    Note : On SuExec server php.ini file is working directory base due to that you need to add/copy php.ini in each directory where you want to change php values for your domain.
     
  6. InstaCarma_Tech

    InstaCarma_Tech Well-Known Member

    Joined:
    Apr 22, 2009
    Messages:
    228
    Likes Received:
    1
    Trophy Points:
    18
    It seems that you did not place the custom php.ini file in the required folder. The custom php.ini needs to be there in each and every folder(and sub-folder) where you need the change to take effect.

    For example, if you have a directory named 'abc' under your public_html and this is where you need the change then place the custom php.ini in that folder.
    Also, to check whether the change is actually taking effect, create another file named 'phpinfo.php' in the same directory and put the following line in it :

    Code:
    <? phpinfo();
    ?>
    Now, access the URL http://yourdomainname.tld/abc/phpinfo.php to see whether the new settings are active.

    Note: Replace 'yourdomainname.tld' with your domain name.
     
  7. martynh

    martynh Active Member

    Joined:
    Oct 6, 2009
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    Sorry for the delay...

    Yes SuExec was enabled but it just was not working, I followed some forums about putting them in every folder then I tried going back to dso for .htaccess which did work but I got told that is is a bad way to do it...

    In the end Spiral had a go and did some modifacations for me which allows me to enable it for them on request per account...

    He did say that there were alsorts missing from my cPanel installation which maybe why it was not doing what its supposed to do...

    Thanks all all your help, while Spirals way works now, when I get my next server I may need to follow your intructions so will write them down

    Thanks
    Martyn
     
  8. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    InstaCarma_Tech, if you setup custom PHP.INI files the way you describe, all hosting users will have unlimited, unbound, and unrestricted control over your entire PHP system configuration without limits and can do pretty much anything they want unchecked which would actually put you in a worse situation that just keeping insecure Apache Module (DSO) PHP!

    There is a few ways to get around this problem and still allow for custom configurations of each site left under administrator control.

    I have setup martynh such that their server can have a different configuration for each and every account easily and under administrator control without additionally compromising security.
     
Loading...

Share This Page