The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

php.ini -damaged!

Discussion in 'General Discussion' started by caretaker, Aug 22, 2007.

  1. caretaker

    caretaker Registered

    Joined:
    Aug 22, 2007
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    hi i think i have ruined my php.ini. but thats is a long story:

    two weeks ago i had my server updated by waytotheweb.

    everything went fine, but they forgot my installation of imagemagick to include in the update.
    so i tried to do it by myself... and it seems to work...

    but not from the start. i had to do some modifikation im my php.ini because waytotheweb had secured my php.ini a little bit to much...

    the disabled exec so typo3 couldn´t find imagemagick.

    this problem i solved... but during this modifikation something "happened" with my php.ini, because now the grafiks work, but i cant log into all of my backends (typo3, joomla) and also my oscommerce store has errors in its header!

    i think there is something wrong with the session handling or so. but i didn´t know how i should be set right.

    has anyone an idea? cpanels (11.2.0) whm has a neat php manager but i have allready tried this and that and several times broken all my sites.:eek:

    here are some errors to look at: www.gfnshop.de (oscommerce)
    http://www.jugendzentrum-manege.de/typo4/typo3/index.php (typo3)
    for joomla it is always the same loginform.

    please help!

    caretaker
     
  2. nyjimbo

    nyjimbo Well-Known Member

    Joined:
    Jan 25, 2003
    Messages:
    1,125
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    New York
    If you cannot fix the php.ini and your web host did all this then you must tell them and ask them to help you get your php.ini back to a state that its working.

    At the very least you should be able to put up a generic php.ini from any distribution to see if it works, but then you have to know what to edit to "lock it down" and make it secure.
     
  3. caretaker

    caretaker Registered

    Joined:
    Aug 22, 2007
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    optimized php.ini

    yes, i thought so. but i had my server updated by a third party so my serversupport would just put any php.ini in my server. but it has some mods in it i won´t miss... and it works somehow... just the log in goes wrong...
    i also can log in to go into the frontend (joomla) thats kind of strange... :confused:

    so when i just put any php.ini in it, more will get confused and fussed up...

    do you know where i can get a little bit "optimized" php.ini? i´m not very good at php so i can´t see, what has to be modified until someone shows me...
    i know that security is turned of for some routines...

    also i have done some mods in the htpd.conf but that worked just fine... i hope :rolleyes:

    greets
    caretaker
     
  4. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    16
    Are you running PHP as an apache module or as a cgi-binary.

    If you are running it as a cgi-binary, you can turn on PHPSUEXEC for added file ownership security and you can also use custom php.ini files for accounts that use Joomla, Word Press, etc.

    Thus, you could make the default php.ini in /usr/local/lib (or wherever it happens to be on your server) very secure, and then open up security in a custom php.ini file in the /home/user/public_html directory of the user that needs less security.

    There are pros and cons to running php as a cgi-binary so do some research about it.

    As for php.ini, these are some of the things I set for high security.
    -------------------------------------------------------
    safe_mode = On
    register_globals = Off
    open_basedir = "/home" ; for main php.ini
    -- OR --
    open_basedir = "/home/username/public_html" ; for custom php.ini
    disable_functions = "exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,popen,parse_ini_file,show_source,curl_exec"

    display_errors = Off ; only turn ON to debug
    magic_quotes_gpc = On ; helps prevent sql injection attacks
    enable_dl = Off
    cgi.force_redirect = 1 ; if running as a cgi-binary
    allow_url_fopen = Off
    --------------------------------------------------------

    Others may have other suggestions for security. Note, the settings above may cause difficulty for certain customers scripts, and would need to be edited on a case by case basis.
     
Loading...

Share This Page