Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP Disable Functions

Discussion in 'Security' started by Bashed, Jul 3, 2015.

  1. Bashed

    Bashed Well-Known Member

    Joined:
    Dec 18, 2013
    Messages:
    106
    Likes Received:
    3
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Hey folks,

    What is everyone's recommended disable_functions setting in PHP (w/ suPHP enabled) on shared servers?

    I'm currently using this:

    Code:
    passthru,exec,shell_exec,system,apache_note,apache_setenv,closelog,debugger_off,debugger_on,define_syslog_variables,openlog,syslog,symlink,escapeshellarg,escapeshellcmd,dl,socket_accept,socket_bind,socket_clear_error,socket_close,socket_connect,socket_create_listen,socket_create_pair,socket_create,socket_get_option,socket_getpeername,socket_getsockname,socket_last_error,socket_listen,socket_read,socket_recv,socket_recvfrom,socket_select,socket_send,socket_sendto,socket_set_block,socket_set_nonblock,socket_set_option,socket_shutdown,socket_strerror,socket_write,stream_sock
    I've read that these are all 'dangerous' too, is this too much?

    Code:
        apache_child_terminate
    apache_setenv
    define_syslog_variables
    escapeshellarg
    escapeshellcmd
    eval
    exec
    fp
    fput
    ftp_connect
    ftp_exec
    ftp_get
    ftp_login
    ftp_nb_fput
    ftp_put
    ftp_raw
    ftp_rawlist
    highlight_file
    ini_alter
    ini_get_all
    ini_restore
    inject_code
    mysql_pconnect
    openlog
    passthru
    php_uname
    phpAds_remoteInfo
    phpAds_XmlRpc
    phpAds_xmlrpcDecode
    phpAds_xmlrpcEncode
    popen
    posix_getpwuid
    posix_kill
    posix_mkfifo
    posix_setpgid
    posix_setsid
    posix_setuid
    posix_setuid
    posix_uname
    proc_close
    proc_get_status
    proc_nice
    proc_open
    proc_terminate
    shell_exec
    syslog
    system
    xmlrpc_entity_decode
     
    #1 Bashed, Jul 3, 2015
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    1,010
    Likes Received:
    87
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    Those all look about right. Worst case if a customer has issues with a legitimate application, get them their own php.ini with a different disable_functions.
     
    #2 quizknows, Jul 3, 2015
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,734
    Likes Received:
    1,706
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    You may want to monitor your error_log files within the accounts after disabling additional functions if you are concerned it will cause issues with the scripts installed for your accounts.

    Thank you.
     
    #3 cPanelMichael, Jul 8, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - Disable Functions
  1. Xhuljo Skendaj

    PHP disabled_functions

    Xhuljo Skendaj, Oct 28, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    394
    cPanelMichael
    Nov 28, 2017
  2. sodapopinski

    php disable_functions in PHP-FPM

    sodapopinski, Oct 26, 2017, in forum: Security
    Replies:
    2
    Views:
    448
    sodapopinski
    Oct 27, 2017
  3. Rakaris Bakaris

    disable_functions per domain on EA4

    Rakaris Bakaris, Oct 9, 2017, in forum: Workarounds and Optimization
    Replies:
    5
    Views:
    366
    cPanelMichael
    Oct 11, 2017
  4. chanklish

    Disable php functions weird encoding

    chanklish, Oct 5, 2017, in forum: EasyApache
    Replies:
    9
    Views:
    445
    Infopro
    Oct 6, 2017
  5. DennisMidjord

    disable_functions not working

    DennisMidjord, Sep 1, 2017, in forum: EasyApache
    Replies:
    9
    Views:
    690
    cPanelMichael
    Apr 3, 2018

Share This Page