The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ini_set questions

Discussion in 'General Discussion' started by vlee, Jun 15, 2013.

  1. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    272
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Las Vegas, Nevada, United Stat
    cPanel Access Level:
    Root Administrator
    Should ini_set be enabled or disabled?

    I see this remark below

    You should consider adding ini_set to the disable_functions in the PHP configuration as this setting allows PHP scripts to override global security and performance settings for PHP scripts. Adding ini_set can break PHP scripts and commenting out any use of ini_set in such scripts is advised

    Is ini_set being even used in known scripts now days?

    I am currently using

    CENTOS 6.4 i686 WHM 11.38.0 (build 16)

    PHP 5.3.26 suphp Apache suEXEC
     
  2. ES - George

    ES - George Well-Known Member
    PartnerNOC

    Joined:
    Jun 12, 2011
    Messages:
    142
    Likes Received:
    1
    Trophy Points:
    16
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    That message appears to be coming from CSFs security check. We personally do not disable ini_set globally since almost all customers require the use of it. It totally depends on the server environment though, if you're hosting hundreds of shared hosting customers, it would make sense to allow the use of it globally. If you're hosting a few local clients/friends, etc. you might consider enabling the use of it on a case by case basis.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    667
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  4. vlee

    vlee Well-Known Member

    Joined:
    Oct 13, 2005
    Messages:
    272
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Las Vegas, Nevada, United Stat
    cPanel Access Level:
    Root Administrator
    I was just making sure about this by getting others input on the matter. My key goal is to provide the maximum security as possible without effecting the everyday life on a shared hosting service.

    I do not like hackers, spammers and those who have nothing better to do but try to destroy others.

    I welcome all comments to combat these threats above.
     
  5. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    132
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Then you should proceed carefully if a client is using Drupal 7 as it seems to require that ini_set is enabled.
     
Loading...

Share This Page