The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP Shell_exec()

Discussion in 'Security' started by ahassan7030, Nov 27, 2010.

  1. ahassan7030

    ahassan7030 Registered

    Joined:
    Nov 27, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    I am having a dedicated server and the issue is every use can use shell_exec() and run shell commands. Is there anyway to stop this and give permission for shell_exec() only if the user account has shell access?

    OK, lets say... now every user have access to shell_exec() do they can run dangerous scripts using this function and harm my server?

    Thank you.
     
  2. GaryT

    GaryT Well-Known Member

    Joined:
    May 19, 2010
    Messages:
    321
    Likes Received:
    3
    Trophy Points:
    16
    You need to disable it globally in apache.

    WHM > Service Configuration > Apache configuration > Advanced Mode > Disable_Functions:

    Add what every you wnt to disable.
     
  3. ckh

    ckh Well-Known Member

    Joined:
    Dec 6, 2003
    Messages:
    356
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Phoenix, AZ
    cPanel Access Level:
    DataCenter Provider
    Gary was almost right...

    WHM > Service Configuration > PHP configuration editor > Advanced Mode > Disable_Functions
     
  4. GaryT

    GaryT Well-Known Member

    Joined:
    May 19, 2010
    Messages:
    321
    Likes Received:
    3
    Trophy Points:
    16
    OOps, sorry.

    Knew it was something like that :rolleyes:
     
Loading...

Share This Page