shell_exec() has been disabled for security reasons in /usr/local/cpanel/whostmgr/.../logger.php

postcd

Well-Known Member
Oct 22, 2010
717
19
68
Hello, in root folder on WHM server i have "error_log" file which contains many log lines from today and many days before:
PHP Warning: shell_exec() has been disabled for security reasons in /usr/local/cpanel/whostmgr/docroot/themes/x/xtra/functions/load/logger.php on line 76

Is it problem that WHM cant use this PHP function? How should i solve this while keeping this function disabled for hosted websites?

thank you
 

madmanmachines

Well-Known Member
Nov 28, 2014
94
4
8
cPanel Access Level
Root Administrator
This looks like you are using a 3rd-party addon for WHM that has special requirements that cPanel/WHM does not normally allow. I'd say that 'shell_exec()' is disabled for good reason. You must absolutely trust this addon if you enable 'shell_exec()'. Search for the directive using the following
Code:
find /usr/local/ -type f -name php.ini -exec grep -il "shell_exec" {} \;
How should i solve this while keeping this function disabled for hosted websites?
I doubt the same PHP configuration is used for this 3rd-party addon and the actual websites.
 

postcd

Well-Known Member
Oct 22, 2010
717
19
68
Thx, yes, your command found file: /usr/local/lib/php.ini

And the above mentioned log entry points to this file: /usr/local/cpanel/whostmgr/docroot/themes/x/xtra/functions/load/logger.php

which contains:
$beancounters = @shell_exec("/bin/beanc 2> /dev/null");
if (!$beancounters) {
if (file_exists('/proc/user_beancounters')) {
$beancounters = `cat /proc/user_beancounters 2> /dev/null`;
}
else {
$ded=TRUE;
}
}
if ($beancounters) {
if (file_exists($logdir.'_nobeans')) {
unlink($logdir.'_nobeans');
}
$pattern = "/^.*\b(oomguarpages)\b.*$/mi";
preg_match($pattern, $beancounters, $hits);
$bean = trim($hits[0]);
$bean = preg_replace("/ {1,99}/", " ", $bean);
$parts = explode(" ",$bean);
$mem1 = $parts[1];
$oomgmax = $parts[3];
$pattern = "/^.*\b(privvmpages)\b.*$/mi";
preg_match($pattern, $beancounters, $hits);
$bean = trim($hits[0]);
$bean = preg_replace("/ {1,99}/", " ", $bean);
$parts = explode(" ",$bean);
$mem2 = $parts[1];
$privmax = $parts[3];
}
To disable this script/WHMXtra plugin,
go to Plugins >> Load/Bandwidth Monitor and select the option to
disable the cron
 
Last edited:

postcd

Well-Known Member
Oct 22, 2010
717
19
68
Can i somehow edit that logger.php file and disallow it to log errors?

or into that directory .htaccess to add something like?:
ErrorLog /dev/null
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,203
363
Hello :)

I suggest reporting this issue to the developer of the plugin you are using. It's possible an update is available for it, or the developers need to address the issue to avoid a modification to the cPanel PHP configuration.

Thank you.
 

postcd

Well-Known Member
Oct 22, 2010
717
19
68
Thanks, the developer is aware and will probably use different function in future.

To disable this script/WHMXtra plugin, go to Plugins >> Load/Bandwidth Monitor
and select the option to disable the cron

solved 4me, thx Michael
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,203
363
I m happy to see you were able to address the issue by disabling the plugin and contacting the developer. Thank you for updating us with the outcome.