The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED Error applying CSF recommendations for PHP

Discussion in 'Security' started by Karl1, Mar 2, 2017.

  1. Karl1

    Karl1 Member

    Joined:
    Jul 14, 2011
    Messages:
    24
    Likes Received:
    2
    Trophy Points:
    53
    Location:
    Sunny Tenerife
    cPanel Access Level:
    Root Administrator
    Hi,

    On a [ CENTOS 7.3 x86_64 kvm – srv4 WHM 62.0 ] system, CSF recommends to:

    Code:
    You should modify the PHP configuration and disable commonly abused php functions, e.g.:
    disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open
    when trying to add the line using the MultiPHP INI Editor to the correct php version in cpanel I get :

    Code:
    API failure: (XID d2pscd) 1 error occurred: Error #1: The php.ini file contains an invalid line: “disable_functions”.
    the line I'm adding is as simple as :

    Code:
    disable_functions = show_source
    Any tips?

    Many thanks
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,615
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Leave off the title, its in the file where you add it already.

    Find this:
    disable_functions =
    Change it to this:
    disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,615
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Just to add, if you're not using multiple versions of PHP, say you're just interested in using 5.6 only, you can disable the other versions in EasyApache. That way you're only adding that line once. (which solves the alerts in CSF Server Check)
     
  4. Karl1

    Karl1 Member

    Joined:
    Jul 14, 2011
    Messages:
    24
    Likes Received:
    2
    Trophy Points:
    53
    Location:
    Sunny Tenerife
    cPanel Access Level:
    Root Administrator
    Thanks for the second tip. Will take care of it.

    As for the issue of this post, at first I was only adding "show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open" since the start of the line "disable_functions =" was already there.

    I followed your advice and now all works like a charm..

    Thanks anyway, case solved
     
    Infopro likes this.
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,615
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Happy to help. :)
     
Loading...

Share This Page