Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

PHP Disable Functions

Discussion in 'Security' started by Bashed, Jul 3, 2015.

  1. Bashed

    Bashed Well-Known Member

    Joined:
    Dec 18, 2013
    Messages:
    113
    Likes Received:
    3
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Hey folks,

    What is everyone's recommended disable_functions setting in PHP (w/ suPHP enabled) on shared servers?

    I'm currently using this:

    Code:
    passthru,exec,shell_exec,system,apache_note,apache_setenv,closelog,debugger_off,debugger_on,define_syslog_variables,openlog,syslog,symlink,escapeshellarg,escapeshellcmd,dl,socket_accept,socket_bind,socket_clear_error,socket_close,socket_connect,socket_create_listen,socket_create_pair,socket_create,socket_get_option,socket_getpeername,socket_getsockname,socket_last_error,socket_listen,socket_read,socket_recv,socket_recvfrom,socket_select,socket_send,socket_sendto,socket_set_block,socket_set_nonblock,socket_set_option,socket_shutdown,socket_strerror,socket_write,stream_sock
    I've read that these are all 'dangerous' too, is this too much?

    Code:
        apache_child_terminate
    apache_setenv
    define_syslog_variables
    escapeshellarg
    escapeshellcmd
    eval
    exec
    fp
    fput
    ftp_connect
    ftp_exec
    ftp_get
    ftp_login
    ftp_nb_fput
    ftp_put
    ftp_raw
    ftp_rawlist
    highlight_file
    ini_alter
    ini_get_all
    ini_restore
    inject_code
    mysql_pconnect
    openlog
    passthru
    php_uname
    phpAds_remoteInfo
    phpAds_XmlRpc
    phpAds_xmlrpcDecode
    phpAds_xmlrpcEncode
    popen
    posix_getpwuid
    posix_kill
    posix_mkfifo
    posix_setpgid
    posix_setsid
    posix_setuid
    posix_setuid
    posix_uname
    proc_close
    proc_get_status
    proc_nice
    proc_open
    proc_terminate
    shell_exec
    syslog
    system
    xmlrpc_entity_decode
     
    #1 Bashed, Jul 3, 2015
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    1,011
    Likes Received:
    88
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    Those all look about right. Worst case if a customer has issues with a legitimate application, get them their own php.ini with a different disable_functions.
     
    #2 quizknows, Jul 3, 2015
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,897
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    You may want to monitor your error_log files within the accounts after disabling additional functions if you are concerned it will cause issues with the scripts installed for your accounts.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 cPanelMichael, Jul 8, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - Disable Functions
  1. Miguel G

    Disable functions for a particular user in a PHP-FPM pool

    Miguel G, Jun 26, 2018, in forum: Security
    Replies:
    4
    Views:
    286
    cPanelMichael
    Jul 13, 2018
  2. Xhuljo Skendaj

    PHP disabled_functions

    Xhuljo Skendaj, Oct 28, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    678
    cPanelMichael
    Nov 28, 2017
  3. sodapopinski

    php disable_functions in PHP-FPM

    sodapopinski, Oct 26, 2017, in forum: Security
    Replies:
    2
    Views:
    895
    sodapopinski
    Oct 27, 2017
  4. Rakaris Bakaris

    disable_functions per domain on EA4

    Rakaris Bakaris, Oct 9, 2017, in forum: Workarounds and Optimization
    Replies:
    5
    Views:
    528
    cPanelMichael
    Oct 11, 2017
  5. chanklish

    Disable php functions weird encoding

    chanklish, Oct 5, 2017, in forum: EasyApache
    Replies:
    9
    Views:
    632
    Infopro
    Oct 6, 2017

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice