The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

php file uploads

Discussion in 'General Discussion' started by hdotnet, Sep 3, 2007.

  1. hdotnet

    hdotnet Member

    Joined:
    Jan 31, 2007
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    London
    Hi all,

    We are in the process of hardening our server a bit more... one task of which is disabling php file uploads for all hosts, then turning it on on a host/app/script basis as needed.

    I've noticed cpanel seems to have a lot of php.ini files:

    root@server [~]# locate php.ini
    /home/virtfs/someuser/usr/local/lib/php.ini,v
    /home/virtfs/someuser/usr/local/lib/php.ini
    /home/virtfs/someuser/usr/local/lib/php.ini.new
    /home/virtfs/someuser/usr/lib/php.ini
    /etc/php.ini
    /usr/lib/php.ini
    /usr/local/cpanel/3rdparty/etc/php.ini
    /usr/local/lib/php.ini,v
    /usr/local/lib/php.ini
    /usr/local/lib/php.ini.new

    Which one is relevant to disable file uploads server wide?

    Do the php.ini files in the /home/virtfs/someuser/ locations override the main one?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    /usr/local/lib/php.ini is your global php.ini file (symlinked if you have Zend Optimizer installed).
     
  3. hdotnet

    hdotnet Member

    Joined:
    Jan 31, 2007
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    London
    could anyone shed any light on this question?

    Do the php.ini files in the /home/virtfs/someuser/ locations override the main one?

    ie... what is the purpose of them?
     
  4. hdotnet

    hdotnet Member

    Joined:
    Jan 31, 2007
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    London
    shameless bump, but could do with an answer
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    IIRC, they're the same files as they're hardlinked to the originals outside of the jail shell.
     
  6. bin_asc

    bin_asc Well-Known Member

    Joined:
    Jul 18, 2005
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    16
    There are some commands that php.ini from users can`t override. Plus, if you want to find your current server wide php.ini, use
    php -i | grep php.ini
    That will get you the current location of the php file loaded. As for php.ini, don`t they work only when PHPSuexec is on ?
     
Loading...

Share This Page