PHP Disabled Functions Security

spork985

Member
Feb 10, 2012
12
0
51
cPanel Access Level
Root Administrator
I'm setting up a shared hosting service and need to secure my PHP in cPanel. I'm not sure the best way to do this since I'm sure there are many ways to do things that I'm unaware of.

So far I have this list of disabled functions:
show_source, system, shell_exec, passthru, exec, popen, proc_open

Are there any others that should be disabled? Also, what other settings should I be looking at? I'm doing both a free and paid service, so it needs to be locked down pretty well.

Thanks.
 

VietHosting

Registered
PartnerNOC
Feb 19, 2012
1
0
51
HCMC, VN
cPanel Access Level
DataCenter Provider
Twitter
disable functions do not help you more secure, it's usually break many scripts ( wp, joomla etc.. ). You should using suhosin + config from apache and using mod_security with good rules ( gotroot.com )