How to override php_functions in .htaccess - DSO (not suPHP)

jeremys_ppc

Member
May 7, 2014
12
0
1
cPanel Access Level
Root Administrator
We are using MPM_ITK with the DSO PHP Handler. From the documentation it looks like we cannot use custom php.ini files (Which would be valid for suPHP) but need to be done in the .htaccess using the php_value setting.

I have set disabled_functions in our main php.ini to include the ini_set() method due to security but the problem is there are several CMS that need this functionality. So for those specific sites only (we are not trying to enable it server wide) we are trying to re-enable ini_set().

My main php.ini has this line:
php_value disable_functions "show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set"

The .htaccess on a client site (Joomla site) has this in the .htaccess
php_value disable_functions "show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen"

For some reason, however, ini_set is still showing as disabled. Oddly enough it does seem to read the htaccess as if I remove phpinfo and set a phpinfo() call in a test page it does work! Does anyone know how to get the ini_set functions to enable correctly? I have asked our "cPanel experts" (probably need to find new "experts" but that's a different story) however its been a whole day and they have not given me any insight to this issue.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,250
463
Hello :)

Please see:

PHP: Description of core php.ini directives - Manual

In particular:

This directive must be set in php.ini For example, you cannot set this in httpd.conf.

It's not possible to override the value in the .htaccess file of an account.

Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,250
463
The only other alternative (besides switching to suPHP) is to remove the option from the disable_functions list globally.

Thank you.