The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Beating the ini_set blues?

Discussion in 'General Discussion' started by jols, Aug 17, 2009.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Are there any security experts here that can address this issue?

    I see that it is a good idea to disable ini_set (in the server php.ini file) because this can be used to circumvent some php security settings, etc.

    BUT, ini_set is required by many script packages out there, Open Source and otherwise.

    SO, I would like to enable ini_set just for those accounts that need them...

    BUT, to do this I would need to allow custom php.ini files which would only get me back to "square one" with regard to further securing php on the server, (i.e. if we allow custom php.ini files in each account, then users could once again circumvent php security.)

    This is a catch 22 for which there seems to be no resolution. Of have I missed something here?

    Anyone?
     
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    No problem! I do this one all the time! :D

    I can give you custom PHP configurations, in fact automate them,
    and at the same time keep users totally locked out from being
    able to update or override any PHP settings.

    Very easy to implement. My own servers are setup the same!

    Nice thing is you get the added ability to customize every account
    for any specific need without compromising any security elsewhere.

    Contact me by private message and we can chat about this one.


    EDIT: I sent Jols the details by private message. If anyone else needs help
    with this item, let me know. Jols, same goes for you if you have any trouble
    following the instructions I gave you. ;)
     
    #2 Spiral, Aug 20, 2009
    Last edited: Aug 25, 2009
  3. furquan

    furquan Well-Known Member

    Joined:
    Jul 27, 2002
    Messages:
    425
    Likes Received:
    0
    Trophy Points:
    16
    Spirla:

    Can you send me the instructions too ?

    Thank you
     
  4. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Spiral is banned, and this thread is rather old. You may want to create your own thread to ask for other users' advice about this issue.
     

Share This Page