Hello
@Miguel G,
The entry in your
/var/cpanel/ApachePHPFPM/system_pool_defaults.yaml file should look like this instead:
Code:
---
php_admin_value_disable_functions: { name: 'php_admin_value[disable_functions]', value: passthru,exec,shell_exec,system }
Then, if you wanted to enable
exec and
shell_exec for an individual domain name that's using PHP-FPM, you would modify it's YAML file to look like this:
Code:
# cat /var/cpanel/userdata/username123/domain123.com.php-fpm.yaml
---
_is_present: 1
php_admin_value_disable_functions: { name: 'php_admin_value[disable_functions]', value: passthru,system }
You'd then rebuild the PHP-FPM configuration files and restart the Apache PHP-FPM and Apache services:
Code:
/scripts/php_fpm_config --rebuild
/scripts/restartsrv_apache_php_fpm
/scripts/restartsrv_httpd
However, keep in mind
disable_functions works differently compared to the standard PHP values with PHP-FPM. When you define a custom
disable_functions value in your PHP-FPM global configuration file or for an individual PHP-FPM pool, it's allowing you to disable additional functions on top of what's already disabled in the global php.ini file. For instance, let's say the following line is configured for PHP version 7.0 from
WHM >> MultiPHP INI Editor >> Editor Mode:
Code:
disable_functions = popen,proc_open
If you were to to setup a custom PHP-FPM default value for
disable_functions per the example at the top of this post, then the actual disabled functions would include passthru, shell_exec, exec, system, popen, proc_open. Additionally, keep in mind the PHPINFO output on the website will match what you've configured in your custom PHP-FPM configuration file, despite the fact that additional PHP functions are disabled (this is an artifact of how PHP and PHP-FPM work as opposed to how they are implemented with cPanel & WHM).
In summary, while you can add additional entries to the
disable_functions PHP value through the use of a custom global PHP-FPM configuration file, and modify individual PHP-FPM pools to differ from that custom value, you can't enable functions that are already disabled in the global php.ini configuration file.
Thank you.