The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disabling PHP Functions with SUHOSIN on suPHP

Discussion in 'Security' started by zontrakulla, Jun 8, 2013.

  1. zontrakulla

    zontrakulla Active Member

    Joined:
    Jan 16, 2008
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    I've installed SUHOSIN and made necessary changes. Now, i want to allow a user to be able to use some php commands, like shell_exec(). I've created /usr/local/apache/conf/userdata/std/2/usernamehere/userdomainhere/custom.conf

    and put
    Code:
    php_admin_value suhosin.executor.func.blacklist ''
    When i check /scripts/ensure vhost_includes --user=usernamehere i get this error

    Code:
    Invalid command 'php_admin_value', perhaps misspelled or defined by a module not                 included in the server configuration
    Since I'm on suPHP, i can't use php_admin_value . Then how can i put suhosin.executor.func.blacklist value to conf file?

    Thank you.
     
  2. zontrakulla

    zontrakulla Active Member

    Joined:
    Jan 16, 2008
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    Alright, i managed to do that.

    Added

    Code:
    [PATH=/home/username/public_html]
    suhosin.executor.func.blacklist=""
    to my php.ini file.

    :cool:

    edit:

    or a better idea. Keep other functions in blacklist and enable only shell_exec()
    Code:
    suhosin.executor.func.blacklist="exec,passthru,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source"
     
    #2 zontrakulla, Jun 8, 2013
    Last edited: Jun 8, 2013
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    I am happy to hear you were able to find a resolution for your issue. While not directly related to your specific issue, the following forum thread may also be useful if you are attempting to make suPHP more secure:

    Methods to increase security when using suPHP

    Thank you.
     
  4. Dr Ahmed

    Dr Ahmed Member

    Joined:
    Mar 22, 2011
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    This solution is valid only in case of using PHP 5.3.x or above

    also php_admin_value is used only in case of your php handler is DSO not suPHP

    Greatings,
     
Loading...

Share This Page