Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

PHP Shell_exec()

Discussion in 'Security' started by ahassan7030, Nov 27, 2010.

  1. ahassan7030

    ahassan7030 Registered

    Joined:
    Nov 27, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    51
    Hi,

    I am having a dedicated server and the issue is every use can use shell_exec() and run shell commands. Is there anyway to stop this and give permission for shell_exec() only if the user account has shell access?

    OK, lets say... now every user have access to shell_exec() do they can run dangerous scripts using this function and harm my server?

    Thank you.
     
  2. GaryT

    GaryT Well-Known Member

    Joined:
    May 19, 2010
    Messages:
    320
    Likes Received:
    3
    Trophy Points:
    68
    You need to disable it globally in apache.

    WHM > Service Configuration > Apache configuration > Advanced Mode > Disable_Functions:

    Add what every you wnt to disable.
     
  3. ckh

    ckh Well-Known Member

    Joined:
    Dec 6, 2003
    Messages:
    358
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Phoenix, AZ
    cPanel Access Level:
    DataCenter Provider
    Gary was almost right...

    WHM > Service Configuration > PHP configuration editor > Advanced Mode > Disable_Functions
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. GaryT

    GaryT Well-Known Member

    Joined:
    May 19, 2010
    Messages:
    320
    Likes Received:
    3
    Trophy Points:
    68
    OOps, sorry.

    Knew it was something like that :rolleyes:
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice