The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Safe these days to allow account php.ini files?

Discussion in 'Security' started by jols, Nov 29, 2011.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    I have prevented individual hosting accounts from implementing their own php.ini files due to security concerns. Those concerns are based on the assumption that someone in an individual hosting account could simply write their own empty, disable_functions = "" list into their php.ini thereby taking down some of the server's security preventions.

    Is that still the case that individual account php.ini files could overwrite the main php.ini file and mess with server wide security that way?
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
  3. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Okay, thanks again Tristan.
     
  4. rogerw

    rogerw Member

    Joined:
    Feb 21, 2012
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hi!

    I find the above does not work for me. How do I do this, when using the following:

    PHP 5.3.x
    PHP 5 handler : fcgi
    Apache suEXEC: On
    WHM: WHM 11.30.6 (build 3)

    Note: I'm pretty sure I remember seeing a checkbox setting in WHM (somewhere?) that either enabled or disabled customized php configurations per account.

    What I'm trying to do is enable custom PHP directives / settings for ONLY ONE SUBDOMAIN .

    Given the above, how do I do this?

    Thanks for any help!
    :)
     
    #4 rogerw, Feb 21, 2012
    Last edited: Feb 21, 2012
  5. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    So you've tried this suggestion then?

    Code:
    [PATH=/home/username/public_html/subdomain]
    register_globals=On
    post_max_size=5000M
    Where you place this at the bottom of the /usr/local/lib/php.ini file? The PHP 5.3+ directives that allow individual path settings is supposed to work with any CGI-based system such as FCGI and suPHP handlers. You would replace username with the cPanel username and subdomain with the subdomain folder. This should allow only changing the settings for that subdomain.

    Of note, when stating something doesn't work, please state what specifically was tried, since that guide is pretty long and actually primarily covers suPHP.
     
Loading...

Share This Page