Custom non user accessible php.ini for some accounts suPHP

EneTar

Well-Known Member
Dec 19, 2015
156
12
18
Greece
cPanel Access Level
Root Administrator
Hello I'm really new to this and I try to set all the accounts to use the global php.ini but some accounts to use a custom php.ini on which they will not have any access to modify it.

My environment is
Code:
/etc/redhat-release:CentOS release 6.7 (Final)
/usr/local/cpanel/version:11.52.1.3
/var/cpanel/envtype:kvm
CPANEL=release
Server version: Apache/2.4.12 (Unix)
Server built:   Jul 19 2015 21:47:11
Cpanel::Easy::Apache v3.30.3 rev9999
PHP 5.4.43 (cli) (built: Jul 19 2015 21:57:01)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies
mysql  Ver 14.14 Distrib 5.5.46, for Linux (x86_64) using readline 5.1
Reading the forums I've done this so far
1)Uncommented the file /opt/suphp/etc/suphp.conf
Code:
[phprc_paths]
;Uncommenting these will force all requests to that handler to use the php.ini
;in the specified directory regardless of suPHP_ConfigPath settings.
application/x-httpd-php=/usr/local/lib/
application/x-httpd-php4=/usr/local/php4/lib/
application/x-httpd-php5=/usr/local/lib/
2) Created the file /usr/local/apache/conf/userdata/suphp_configpath.conf
Code:
<IfModule mod_suphp.c>
<Location />
suPHP_ConfigPath [B]/usr/local/lib/[/B]
</Location>
</IfModule>

3) I created the /usr/local/apache/conf/userdata/std/2/restrictedaccount1/suphp_configpath.conf
Code:
<IfModule mod_suphp.c>
<Location />
suPHP_ConfigPath [B]/home/custom-account-phps/restrictedaccount1/[B]
</Location>
</IfModule>
4)and the /usr/local/apache/conf/userdata/ssl/2/restrictedaccount1/suphp_configpath.conf
Code:
<IfModule mod_suphp.c>
<Location />
suPHP_ConfigPath [B]/home/custom-account-phps/restrictedaccount1/[B]
</Location>
</IfModule>
5)Then
Code:
# /scripts/verify_vhost_includes
Testing /usr/local/apache/conf/userdata/suphp_configpath.conf...ok
Testing /usr/local/apache/conf/userdata/std/2/restrictedaccount1/suphp_configpath.conf...ok
Testing /usr/local/apache/conf/userdata/ssl/2/restrictedaccount1/suphp_configpath.conf...ok
# /scripts/ensure_vhost_includes --all-users
Built /usr/local/apache/conf/httpd.conf OK
# /scripts/ensure_vhost_includes --user=restrictedaccount1
and then I don't know what to do...I checked the phpinfo of the restrictedacount1 website through the browser and it still uses the global php.ini
Have I done anything wrong? I have to say that, even before I do step 1, placing a custom php.ini at the user's account did not change anything the account still used the global php.ini

Thank you
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,202
363
Note that I have removed your additional thread since there's no need to post about the same topic multiple times.

Thank you.
 

EneTar

Well-Known Member
Dec 19, 2015
156
12
18
Greece
cPanel Access Level
Root Administrator
Ok I understand that but you could at least copy my post from that thread here, now I can't explain to someone what's going on to help me because those methods don't work for me.. neither the old method nor the new one using the [PATH=/home/username] work for me. In addition I don't know why but I can't place any custom php.ini files for any user. They all listen to global one.

So in which thread should I ask now?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,202
363
Hello :)

I've merged all of the posts back into your original thread. Please remember to only submit an issue to a single thread going forward to avoid this type of issue. Submitting multiple posts or bumping a thread is not permitted, and does not serve to get a quicker response.

Thank you.
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
I believe your issue may be with:

;Uncommenting these will force all requests to that handler to use the php.ini
;in the specified directory regardless of suPHP_ConfigPath settings.

If you uncommented those and then try to set suPHP_ConfigPath later, you have conflicting changes.
 

EneTar

Well-Known Member
Dec 19, 2015
156
12
18
Greece
cPanel Access Level
Root Administrator
Thank you for your answer but I tried both options, commented or not it doesn't work.

Currently I have installed PHP 5.5 and reverted the settings back to the original.

Code:
/etc/redhat-release:CentOS release 6.7 (Final)
/usr/local/cpanel/version:11.52.1.3
/var/cpanel/envtype:kvm
CPANEL=release
Server version: Apache/2.4.16 (Unix)
Server built:   Dec 22 2015 18:12:08
Cpanel::Easy::Apache v3.32.6 rev9999
PHP 5.5.30 (cli) (built: Dec 22 2015 18:18:37)
Copyright (c) 1997-2015 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2015 Zend Technologies
    with the ionCube PHP Loader v4.7.5, Copyright (c) 2002-2014, by ionCube Ltd.
mysql  Ver 14.14 Distrib 5.5.46, for Linux (x86_64) using readline 5.1
I think that the problem is that it doesn't let me by default to add custom php.ini for any /home/username/ or /home/username/public_html First I think should fix this one and later try to move the php.ini outside of the account not accessible by the user.

I have also tried this:
[PATH=home/username/]
session.save_path="home/username/php_sessions";

at the bottom of the global php.ini but checking phpinfo from the browser it still loads the value from /usr/local/lib/php.ini

Something that I noticed from phpinfo is that next to "Server API" it shows "CGI/FastCGI" shouldn't it display something like suphp? In WHM under "Configure PHP and suEXEC" it is selected suPHP.
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
It is normal for "Server API" on phpinfo to show CGI/FastCGI with SuPHP. SuPHP is basically CGI just with switched user.

Try ruling things out in a simple fashion. If you put a php.ini in /home/username/public_html and set

suPHP_ConfigPath /home/user/public_html

Does phpinfo show the proper loaded .ini file?
 

EneTar

Well-Known Member
Dec 19, 2015
156
12
18
Greece
cPanel Access Level
Root Administrator
Thank you for your answer. Yes setting suPHP_ConfigPath /home/user/public_html and running phpinfo it returns the correct php.ini however it turns that php.ini as the global one. Everything was preinstalled and now I'm wiping the basics and install everything again. I will have results in a while, I suppose it's going to work
 

EneTar

Well-Known Member
Dec 19, 2015
156
12
18
Greece
cPanel Access Level
Root Administrator
Created a fresh install and tried directly to use the [PATH=/home/username/] in the global php.ini and it works.

Haven't tried the old method and I'm not sure if I will. I have also uncommented the lines in /opt/suphp/etc/suphp.conf