Help with custom php.ini

richirich

Registered
Jan 6, 2010
2
0
51
You have a few different options with mod_suphp...

1) You can allow the users to set up their own php.ini files as they see fit. This is the default configuration.

2) You can force all users to use a single php.ini file. This is done by setting the phprc_paths in /opt/suphp/etc/suphp.conf. If you set this it will override any other settings in .htaccess files or httpd.conf.

3) You can control which php.ini is used for each account using suPHP_ConfigPath. This directive can be used in httpd.conf and in .htaccess files, so if you want to lock a particular account to a certain php.ini you'd need to set suPHP_ConfigPath for that account in an include file and remove Options from the AllowOverride list for that VirtualHost.
-------------------------------------------------
Hello,
i am interested in point number 3 but did not fully get the steps.
So far, i have installed suphp on the server and i have only one account that needs allow_url_fopen = on , while i want all other users to have it off.
i tried creating a php.ini inside the public_html but it is not working.
Can you please help.
thank you
 

cPanelDon

cPanel Quality Assurance Analyst
Staff member
Nov 5, 2008
2,544
12
268
Houston, Texas, U.S.A.
cPanel Access Level
DataCenter Provider
Twitter
Hello,
i am interested in point number 3 but did not fully get the steps.
So far, i have installed suphp on the server and i have only one account that needs allow_url_fopen = on , while i want all other users to have it off.
i tried creating a php.ini inside the public_html but it is not working.
Can you please help.
thank you
Please elaborate on what specific details are seen; by "not working" what is the method for testing this and what criteria are you looking for?

For example; knowing the following information will help to narrow what factors are involved:
1.) Is a php info page being used to test the value of customized php.ini settings? The following PHP code may be used to setup a custom php info page (e.g., placed in a new file using the ".php" file extension):
Code:
<?php
phpinfo();
?>
2.) Have you ensured that the custom php.ini file contains the directive once and not twice or more (i.e., ensure no duplicate directives)?
3.) Is the directive "allow_url_fopen" set in the system-wide php.ini and in the user's custom php.ini?
4.) Was the directive "suPHP_ConfigPath" set in an .htaccess file or other Apache configuration? Customizing this is optional and may not be required.
5.) Have you confirmed and verified that SuPHP is activated?
Code:
# /usr/local/cpanel/bin/rebuild_phpconf --current
6.) Please try the following example to create a custom php.ini for the user, where "username" represents the user involved:
Code:
# cp -pv /usr/local/lib/php.ini /home/username/public_html/php.ini
# chown -v username:username /home/username/public_html/php.ini
After using the above two commands to create the custom php.ini file then it may be modified as needed.
 

richirich

Registered
Jan 6, 2010
2
0
51
How can i protect PHP.ini with SuPHP?

Hello, thank you for the quick response.



1.) Is a php info page being used to test the value of customized php.ini settings? The following PHP code may be used to setup a custom php info page (e.g., placed in a new file using the ".php" file extension):
Code:
<?php
phpinfo();
?>

Richi: i created this to check the php value. it shows:
Directive Local Value Master Value
allow_call_time_pass_reference On On
allow_url_fopen Off Off

even when the local php.ini is set to on

2.) Have you ensured that the custom php.ini file contains the directive once and not twice or more (i.e., ensure no duplicate directives)?

Richi : by not working i meant tat when i insert the new php in the account profile, the new configurations specified there wont apply.


3.) Is the directive "allow_url_fopen" set in the system-wide php.ini and in the user's custom php.ini?
Richi reply: it was set to off in the system-wide and on for the customer


4.) Was the directive "suPHP_ConfigPath" set in an .htaccess file or other Apache configuration? Customizing this is optional and may not be required.
Richi :i tried setting that from .htaccess but it did not apply. The attempt was as follows " php_value allow_url_fopen 1

5.) Have you confirmed and verified that SuPHP is activated?
Code:
# /usr/local/cpanel/bin/rebuild_phpconf --current
Richi: Although i built apache and php enabling this option
this was the result i got:
Available handlers: suphp dso cgi none
DEFAULT PHP: 5
PHP4 SAPI: none
PHP5 SAPI: dso
SUEXEC: enabled

should i enable from somewhere in whm?

6.) Please try the following example to create a custom php.ini for the user, where "username" represents the user involved:

Code:
# cp -pv /usr/local/lib/php.ini /home/username/public_html/php.ini
# chown -v username:username /home/username/public_html/php.ini
After using the above two commands to create the custom php.ini file then it may be modified as needed.
Richi: did that already
 

cPanelDon

cPanel Quality Assurance Analyst
Staff member
Nov 5, 2008
2,544
12
268
Houston, Texas, U.S.A.
cPanel Access Level
DataCenter Provider
Twitter
Richi :i tried setting that from .htaccess but it did not apply. The attempt was as follows " php_value allow_url_fopen 1
To confirm, when testing the above, did the PHP info page show any change?

Richi: Although i built apache and php enabling this option
this was the result i got:
Available handlers: suphp dso cgi none
DEFAULT PHP: 5
PHP4 SAPI: none
PHP5 SAPI: dso
SUEXEC: enabled
Thank you for the excellent details; as the PHP handler is DSO, a custom php.ini file will not work.

Using DSO, here is an example .htaccess entry to set boolean php configuration directives; this should work if nothing is restricting the ability to customize them (such as safe_mode):
Code:
<IfModule mod_php5.c>
php_flag allow_url_fopen on
</IfModule>
Please try the above .htaccess entries, then view the PHP info page once more to verify if the setting changed.
Reference: (for DSO) PHP: How to change configuration settings - Manual

If safe_mode is enabled, this will also prevent fopen from working. When viewing the PHP info page, is safe_mode enabled/on or disabled/off?
Reference: PHP: Functions restricted/disabled by safe mode - Manual

Please note that when using SuPHP the .htaccess directives beginning with "php_" such as "php_flag" and "php_value" will no longer work, and sites still using them without being wrapped in an IfModule section will show an error until they are either removed/disabled/commented or until they are rendered harmless by containing them in an IfModule section.

should i enable from somewhere in whm?
The PHP handler may be switched from DSO to SuPHP via the following area in WHM:
WHM: Main >> Service Configuration >> Apache Configuration >> PHP and SuExec Configuration
Documentation: Configure PHP and suEXEC

For additional verbose details and information please refer to the following documentation:
Apache PHP Request Handling
Configuring PHP and suEXEC from the Command Line

As an alternative to WHM, here is an example showing how to set the PHP handler to SuPHP; the following command will, in this order, set the default PHP version to 5, set the PHP4 handler to none (assuming PHP v4 is not used or not installed), set the PHP5 handler to SuPHP, and set SuExec enabled:
Code:
# /usr/local/cpanel/bin/rebuild_phpconf 5 none suphp 1