New php.ini file on php-internal from cPanel or Imunify?

[email protected]

Well-Known Member
Aug 3, 2016
63
5
58
Everywhere
cPanel Access Level
Root Administrator
Hello,
Today after a CSF scan I have notice this:
Code:
PHP Check
Check php for enable_dl or disabled dl()
You should set:
enable_dl = Off
This prevents users from loading php modules that affect everyone on the server. Note that if use dynamic libraries, such as ioncube, you will have to load them directly in the PHP configuration:
Affected PHP versions:
/opt/alt/php-internal/etc/php.ini (/opt/alt/php-internal/usr/bin/php)

Check php for disable_functions
You should consider disabling commonly abused php functions, e.g.:
disable_functions = show_source, system, shell_exec, passthru, exec, popen, proc_open
Some client web scripts may break with some of these functions disabled, so you may have to remove them from this list:
Affected PHP versions:
/opt/alt/php-internal/etc/php.ini (/opt/alt/php-internal/usr/bin/php)
In my main php.ini file on server that running php7.4 I have enable_dl = Off and disable_functions etc.

Anyone knows what exactly is this separate php.ini and if I must change it manually or not? I have imunify antivirus installed and at the past I see exceptions that refer to imunify. It's safe to keep this "strange" php.ini with the default configurations?

Any suggestion?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,418
999
313
cPanel Access Level
Root Administrator
Hey there! This file is part of the CloudLinux PHP system, as we can see it is owned by one of those packages. Here is some output from a test server showing this:

Code:
[email protected] [~]# rpm -qf /opt/alt/php-internal/etc/php.ini
alt-php-internal-common-7.4.16-6.el6.x86_64
You won't want to remove that file or things related to CloudLinux, such as Imunify, may not function properly.