The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Help with custom php.ini

Discussion in 'Security' started by richirich, Jan 6, 2010.

  1. richirich

    richirich Registered

    Joined:
    Jan 6, 2010
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    -------------------------------------------------
    Hello,
    i am interested in point number 3 but did not fully get the steps.
    So far, i have installed suphp on the server and i have only one account that needs allow_url_fopen = on , while i want all other users to have it off.
    i tried creating a php.ini inside the public_html but it is not working.
    Can you please help.
    thank you
     
  2. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Please elaborate on what specific details are seen; by "not working" what is the method for testing this and what criteria are you looking for?

    For example; knowing the following information will help to narrow what factors are involved:
    1.) Is a php info page being used to test the value of customized php.ini settings? The following PHP code may be used to setup a custom php info page (e.g., placed in a new file using the ".php" file extension):
    Code:
    <?php
    phpinfo();
    ?>
    2.) Have you ensured that the custom php.ini file contains the directive once and not twice or more (i.e., ensure no duplicate directives)?
    3.) Is the directive "allow_url_fopen" set in the system-wide php.ini and in the user's custom php.ini?
    4.) Was the directive "suPHP_ConfigPath" set in an .htaccess file or other Apache configuration? Customizing this is optional and may not be required.
    5.) Have you confirmed and verified that SuPHP is activated?
    Code:
    # /usr/local/cpanel/bin/rebuild_phpconf --current
    6.) Please try the following example to create a custom php.ini for the user, where "username" represents the user involved:
    Code:
    # cp -pv /usr/local/lib/php.ini /home/username/public_html/php.ini
    # chown -v username:username /home/username/public_html/php.ini
    After using the above two commands to create the custom php.ini file then it may be modified as needed.
     
  3. richirich

    richirich Registered

    Joined:
    Jan 6, 2010
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    How can i protect PHP.ini with SuPHP?

    Hello, thank you for the quick response.




    Richi: i created this to check the php value. it shows:
    Directive Local Value Master Value
    allow_call_time_pass_reference On On
    allow_url_fopen Off Off

    even when the local php.ini is set to on


    Richi : by not working i meant tat when i insert the new php in the account profile, the new configurations specified there wont apply.


    Richi reply: it was set to off in the system-wide and on for the customer


    Richi :i tried setting that from .htaccess but it did not apply. The attempt was as follows " php_value allow_url_fopen 1

    Richi: Although i built apache and php enabling this option
    this was the result i got:
    Available handlers: suphp dso cgi none
    DEFAULT PHP: 5
    PHP4 SAPI: none
    PHP5 SAPI: dso
    SUEXEC: enabled

    should i enable from somewhere in whm?

    Richi: did that already
     
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    To confirm, when testing the above, did the PHP info page show any change?

    Thank you for the excellent details; as the PHP handler is DSO, a custom php.ini file will not work.

    Using DSO, here is an example .htaccess entry to set boolean php configuration directives; this should work if nothing is restricting the ability to customize them (such as safe_mode):
    Code:
    <IfModule mod_php5.c>
    php_flag allow_url_fopen on
    </IfModule>
    Please try the above .htaccess entries, then view the PHP info page once more to verify if the setting changed.
    Reference: (for DSO) PHP: How to change configuration settings - Manual

    If safe_mode is enabled, this will also prevent fopen from working. When viewing the PHP info page, is safe_mode enabled/on or disabled/off?
    Reference: PHP: Functions restricted/disabled by safe mode - Manual

    Please note that when using SuPHP the .htaccess directives beginning with "php_" such as "php_flag" and "php_value" will no longer work, and sites still using them without being wrapped in an IfModule section will show an error until they are either removed/disabled/commented or until they are rendered harmless by containing them in an IfModule section.

    The PHP handler may be switched from DSO to SuPHP via the following area in WHM:
    WHM: Main >> Service Configuration >> Apache Configuration >> PHP and SuExec Configuration
    Documentation: Configure PHP and suEXEC

    For additional verbose details and information please refer to the following documentation:
    Apache PHP Request Handling
    Configuring PHP and suEXEC from the Command Line

    As an alternative to WHM, here is an example showing how to set the PHP handler to SuPHP; the following command will, in this order, set the default PHP version to 5, set the PHP4 handler to none (assuming PHP v4 is not used or not installed), set the PHP5 handler to SuPHP, and set SuExec enabled:
    Code:
    # /usr/local/cpanel/bin/rebuild_phpconf 5 none suphp 1
     
  5. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
Loading...

Share This Page