enable exec for one cpanel account only? suphp

postcd · Jun 15, 2014

Have whm server, suphp, php 5.3.28 with Suhosin

and in global php.ini it has exec function globally disabled, which is wanted for security.
But one user script want exec function and this user is trustable and important so i want enable it for him only.

When i add php.ini to the users root www folder with content:

disable_functions = "shell_exec"

(not having exec function mentioned so one would expect this will overide global php.ini)

and global php.ini has exec listed in disable functions, it returns error on website:

Warning: exec() has been disabled for security reasons in ...

At the bottom of global php.ini i have:

[PATH=/home/usernamehere/public_html/folderhere]
disable_functions = show_source, system, passthru, shell_exec, popen, proc_open, allow_url_fopen

(wanting to override global disable_functions for this particular PATH, as seen exec is not listed, not disabled, but that user script still returns above error saying exec is disabled..)

There is some tutorial with Suhosin: https://forums.cpanel.net/f5/enable-shell_exec-one-user-109601.html#post588281
but im unsure how to add that VirtualHost from WHM.

Also there is an idea to disable PHP CLI for one domain (i have CLI in PHP):
http://www.webhostingtalk.com/showthread.php?p=8751818#post8751818

please any idea? i listen suhosin has its disable functions too and i would switch to other phphandler like fcgi if that would fix, please advice me what to do, what to try, thanks

cPanelPeter · Jun 15, 2014

Hello,

It would appear you are thinking that this is backwards. By adding "shell_exec" to the disable_functions (both globally and for that user) then it will disable that feature entirely. It does not mean that this option is ignored for that user.

You should try to set:

Code:

[PATH=/home/usernamehere/public_html/folderhere]
disable_functions =

See if that makes a difference.

postcd · Jun 16, 2014

cPanelPeter said:
You should try to set:

Code:

[PATH=/home/usernamehere/public_html/folderhere] disable_functions =

See if that makes a difference.

I tried this now commenting out my current rules and replacing my client username and foldername in the path you provided above. But when "exec" function is in global disable_functions, it still reports error "exec() has been disabled for security reasons" on the client webpage..

postcd · Sep 1, 2017

Hello,

This topic - Link Removed Merged Threads - lacks solution so i am creating duplicate topic (if that is wrong, i apologize but can not update mentioned topic of mine)

Please how do i have PHP exec() disabled for all cpanels, except one or more selected ones? Or enabled per folder.

I have updated WHM/cPanel on CentOS 6
Server version: Apache/2.2.29 (Unix)
Cpanel::Easy::Apache v3.30.3 rev9999
PHP 5.3.29 (cli)
SuPHP

cPanelMichael · Sep 1, 2017

postcd said:
Please how do i have PHP exec() disabled for all cpanels, except one or more selected ones? Or enabled per folder.

I have updated WHM/cPanel on CentOS 6
Server version: Apache/2.2.29 (Unix)
Cpanel::Easy::Apache v3.30.3 rev9999
PHP 5.3.29 (cli)
SuPHP

Hello,

The following third-party URL explains how to do this:

How to enable exec() (PHP Configuration)

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
A	How Do I enable exec, popen php function in cPanel ?	Web Servers and Applications	1	May 31, 2018
	Enable exec for one account only	Web Servers and Applications	5	Dec 9, 2017
I	exec() disabled when PHP-FPM enabled	Web Servers and Applications	4	Dec 2, 2016
S	Cannot enable exec()	Web Servers and Applications	4	Oct 26, 2016
T	Apache update stops at Executing '/usr/local/cpanel/scripts/enablefileprotect'	Web Servers and Applications	2	Nov 21, 2014

Search

Search

enable exec for one cpanel account only? suphp

postcd

Well-Known Member

cPanelPeter

Senior Technical Analyst

postcd

Well-Known Member

postcd

Well-Known Member

cPanelMichael

Administrator