Disabling PHP functions on an Account

ginepraio

Registered
Aug 21, 2019
1
0
1
Firebze
cPanel Access Level
Website Owner
hi all, I think I have a problem with my host's provider.
seeing this now known notification in my ipboarb(invision forum)
"Some functions are enabled on your server which have the potential to cause serious damage to your community or server. If you are in a shared hosting environment, some of these functions may bypass the restrictions which prevent one account on the server affecting another. Their presence also increases the amount of damage that could be caused if your AdminCP is compromised.
Since Invision Community, and most other web applications do not use these functions, we recommend disabling them on your server, at least within the directory that your community is installed in. You should contact your hosting provider or system administrator and ask them to be added to the disable_functions PHP setting.
exec system passthru pcntl_exec popen proc_open shell_exec"
I asked to my host provider if he could eliminate the dangerous php functions, unfortunately I can't do it because I'm on a shared cloud host.
my provider, however, replied that it could not delete the functions because it would affect the whole host.
so I asked to delete them only for me in a specific directory, but I received a negative answer.
could you tell me the exact procedure to exclude those functions from a directory? I created a custom php.ini in public_html with the disable_functions command but it doesn't seem to work. I created it with multiphp ini editor and manually, I also tried several changes to the htaccess but without result
Thanks in advance
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,269
313
Houston
The suggested method of modifying this would be to go to cPanel>>MultiPHP INI editor ->> Editor Mode -> Select Location (site)

Code:
disable_functions = exec, system, passthru, pcntl_exec, popen, proc_open, shell_exec
This would need to be done for each site and should be possible on an account level basis.

You can also check out the documentation here: MultiPHP INI Editor for cPanel - Version 82 Documentation - cPanel Documentation
 

SactoBob

Active Member
Aug 15, 2015
31
4
58
Sacramento
cPanel Access Level
DataCenter Provider
The suggested method of modifying this would be to go to cPanel>>MultiPHP INI editor ->> Editor Mode -> Select Location (site)

Code:
disable_functions = exec, system, passthru, pcntl_exec, popen, proc_open, shell_exec
This would need to be done for each site and should be possible on an account level basis.

You can also check out the documentation here: MultiPHP INI Editor for cPanel - Version 82 Documentation - cPanel Documentation
Are you sure this is information is correct? I've been trying this to remove some functions and it appears disable_functions is not recognized in the user's php.ini. The link you provide also does not mention disable_functions. I want to remove some internal functions for a specific account/domain, but can't seem to do so via MultiPHP INI editor. Please advise. Thank you. (FYI, I'm using PHP-FPM)
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,269
313
Houston
Are you sure this is information is correct? I've been trying this to remove some functions and it appears disable_functions is not recognized in the user's php.ini. The link you provide also does not mention disable_functions. I want to remove some internal functions for a specific account/domain, but can't seem to do so via MultiPHP INI editor. Please advise. Thank you. (FYI, I'm using PHP-FPM)
I'm positive this information is correct, in the event you're not running PHP-FPM. For systems using PHP-FPM you'd need to make these modifications in accordance with the documentation here: How to Manage Your php.ini Directives with PHP-FPM - cPanel Knowledge Base - cPanel Documentation