Hi cPanel team,
I wrote out some steps in the past on how to configure SuPHP to use only the MultiPHP INI file and to set the open_basedir for users on the system. However, I noticed that phpinfo() doesn't seem to mention the php ini in /usr/local/lib which I'm apparently "forcing the handler to use" so that's obviously not working.
In addition to that not working, I noticed that php ini isn't the one in MultiPHP INI anyway so that's not too troubling but I do want to "enforce" all accounts to use the MultiPHP INI and not have the ability to use *anything* else, even user inis.
Can someone tell me how to configure SuPHP to only use the MultiPHP INI file and none others, especially not user inis per account?
I'm also very confused whether I've configured the open_basedir entries correctly too. Is that accurate or have i done a bad job of that? (is there a better way?)
(Steps I've been using up to now that don't work)
Configure SuPHP and open_basedir Protection
I wrote out some steps in the past on how to configure SuPHP to use only the MultiPHP INI file and to set the open_basedir for users on the system. However, I noticed that phpinfo() doesn't seem to mention the php ini in /usr/local/lib which I'm apparently "forcing the handler to use" so that's obviously not working.
In addition to that not working, I noticed that php ini isn't the one in MultiPHP INI anyway so that's not too troubling but I do want to "enforce" all accounts to use the MultiPHP INI and not have the ability to use *anything* else, even user inis.
Can someone tell me how to configure SuPHP to only use the MultiPHP INI file and none others, especially not user inis per account?
I'm also very confused whether I've configured the open_basedir entries correctly too. Is that accurate or have i done a bad job of that? (is there a better way?)
(Steps I've been using up to now that don't work)
Configure SuPHP and open_basedir Protection
- Go to Software > MultiPHP Manager > PHP Handlers. Select Edit on ea-php70, choose suphp and click Apply.
- Due to SuPHP allowing individual php.ini files, restrict all accounts to the global php.ini file. Uncomment the following lines in /opt/suphp/etc/suphp.conf
[phprc_paths]
;Uncommenting these will force all requests to that handler to use the php.ini
;in the specified directory regardless of suPHP_ConfigPath settings.
application/x-httpd-php=/usr/local/lib/
;application/x-httpd-php4=/usr/local/php4/lib/
;application/x-httpd-php5=/usr/local/lib/ - Go to Software > MultiPHP INI Editor. Change to Editor Mode tab and select ea-php70. Add the following to the bottom of the config.
[PATH=/home/myacc1]
open_basedir = "/home/myacc1:/usr/lib/php:/usr/local/lib/php:/tmp"
[PATH=/home/myacc2]
open_basedir = "/home/myacc2:/usr/lib/php:/usr/local/lib/php:/tmp"
[PATH=/home/myacc3]
open_basedir = "/home/myacc3:/usr/lib/php:/usr/local/lib/php:/tmp"
[PATH=/home/myacc4]
open_basedir = "/home/myacc4:/usr/lib/php:/usr/local/lib/php:/tmp"
- Comment out original open_basedir line.