The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

One php.ini for each cPanel user?

Discussion in 'Security' started by colorcloud, Dec 10, 2009.

  1. colorcloud

    colorcloud Active Member

    Joined:
    Aug 14, 2003
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Dear all,

    I'm wondering if I can make each user to have only one php.ini file, and that php.ini is outside user's home directory, so only admin can edit that php.ini for user?

    PS. handler=suphp & suEXEC=on
     
  2. madaboutlinux

    madaboutlinux Well-Known Member

    Joined:
    Jan 24, 2005
    Messages:
    1,052
    Likes Received:
    2
    Trophy Points:
    38
    Location:
    Earth
    You can create a php.ini as root under the user's account so he won't be able to create a new one as well as edit the one you placed.

    OR

    to completely disable permissions for users to create their own php.ini and manage them from outside their home directories, refer the post by "sparek-3" at: http://forums.cpanel.net/f5/how-can-i-protect-php-ini-suphp-127537.html
     
    #2 madaboutlinux, Dec 11, 2009
    Last edited: Dec 11, 2009
  3. 9xlinux

    9xlinux Well-Known Member

    Joined:
    Dec 20, 2009
    Messages:
    185
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    In a text editor (nano, vi etc) open the file - /opt/suphp/etc/suphp.conf

    search for [phprc_paths]
    there uncomment the following lines :

    ;application/x-httpd-php=/usr/local/lib/
    ;application/x-httpd-php4=/usr/local/php4/lib/
    ;application/x-httpd-php5=/usr/local/lib/

    save and quit.

    restart apache. you are done, now regardless of php.ini at their home folders, all users will be forced to use php.ini at the above paths .
     
  4. IbnKuldun

    IbnKuldun Member

    Joined:
    May 6, 2005
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    put the php.ini file for each use in their home directory e.g.
    Code:
    /home/user
    and then in the http folder for that user
    Code:
    /home/user/public_html
    insert the following line into the htaccess

    Code:
    SetEnv PHPRC /home/user
    and you should be set
     
  5. sharmaine001

    sharmaine001 Well-Known Member

    Joined:
    Jun 23, 2006
    Messages:
    143
    Likes Received:
    0
    Trophy Points:
    16

    Users can change htaccess so its not a good idea. If they delete that from the htaccess file then they can override the php.ini setting
     
Loading...

Share This Page