Methods to Increase Security on suPHP - Restricting who can use php.ini files

Astral God

Well-Known Member
Sep 27, 2010
180
0
66
127.0.0.1
cPanel Access Level
Root Administrator
This is what i've done, but the value(s) becomes global values, applied to ALL clients and folders, not only to the one(s) specified... :\

EDIT: Can't understand why, but it's working now...thanks...
 
Last edited:

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
42
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
Re: Methods to Increase Security on suPHP - Restricting who can use php.ini

The only way I could have seen it not working is if you were using PHP 5.2 rather than PHP 5.3 or higher. PHP 5.2 doesn't recognize the PATH values and makes them global.
 

mcongosto

Active Member
Aug 1, 2011
27
3
53
Re: Methods to Increase Security on suPHP - Restricting who can use php.ini

Under this method, even PHP_INI_SYSTEM directives are changeable for that account.
That means that I should be able to disable for example Zend Loader for a particular path, but I'm not able to!

this is what I'm doing:

Code:
[PATH=/home/coffee/public_html]
zend_loader.enable = 0
doesn't work since it keeps loading Zend loader, breaking one of my scripts (jreviews) after upgrading to php 5.3

any idea?

thanks!
 

kokonas

Registered
Jan 30, 2013
1
0
1
cPanel Access Level
Root Administrator
Re: Methods to Increase Security on suPHP - Restricting who can use php.ini

I want to disable_function (exec, shell_exec, system) for all server accounts and enable them to one account only. Any idea? I am using apchec2.2 & suphp & php5.3