Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Methods to Increase Security on suPHP - Restricting who can use php.ini files

Discussion in 'Security' started by cPanelTristan, Sep 25, 2010.

  1. Astral God

    Astral God Well-Known Member

    Joined:
    Sep 27, 2010
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    66
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
    This is what i've done, but the value(s) becomes global values, applied to ALL clients and folders, not only to the one(s) specified... :\

    EDIT: Can't understand why, but it's working now...thanks...
     
    #41 Astral God, Nov 17, 2012
    Last edited: Nov 17, 2012
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,606
    Likes Received:
    33
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Re: Methods to Increase Security on suPHP - Restricting who can use php.ini

    The only way I could have seen it not working is if you were using PHP 5.2 rather than PHP 5.3 or higher. PHP 5.2 doesn't recognize the PATH values and makes them global.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. mcongosto

    mcongosto Member

    Joined:
    Aug 1, 2011
    Messages:
    24
    Likes Received:
    3
    Trophy Points:
    53
    Re: Methods to Increase Security on suPHP - Restricting who can use php.ini

    That means that I should be able to disable for example Zend Loader for a particular path, but I'm not able to!

    this is what I'm doing:

    Code:
    [PATH=/home/coffee/public_html]
    zend_loader.enable = 0
    doesn't work since it keeps loading Zend loader, breaking one of my scripts (jreviews) after upgrading to php 5.3

    any idea?

    thanks!
     
  4. kokonas

    kokonas Registered

    Joined:
    Jan 30, 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Re: Methods to Increase Security on suPHP - Restricting who can use php.ini

    I want to disable_function (exec, shell_exec, system) for all server accounts and enable them to one account only. Any idea? I am using apchec2.2 & suphp & php5.3
     
  5. Indianets

    Indianets Well-Known Member

    Joined:
    Jun 13, 2008
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    56
    cPanel Access Level:
    Root Administrator
    Does PHP 5.3+ method one with user ini works any more?

    PHP 5.3.27
    Apache/2.2.25

    PHP5 handler = suPHP
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #45 Indianets, Aug 5, 2013
    Last edited: Aug 5, 2013
  6. ANKUR KUMAR

    ANKUR KUMAR Active Member

    Joined:
    Oct 28, 2012
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    The above method applies even if someone is using cloudlinux with CageFs and securelink ??
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice