Kurieuo

Well-Known Member
Dec 13, 2002
106
0
166
Australia
I recently made the move to suPHP. I must say, despite my research saying how much security if offers, I am looking back just a little.

For example, I do not like how a local php.ini file can be used to overwrite settings I'd prefer not overwritable in the main php.ini file. It would also be good to lock certain settings in, like memory_limit. I already have one user using more memory than I'd like them to, although I've added restrictions in my resource monitor to try counter this. *sigh* .

I also do not like the fact if a local php.ini file is created, all settings within the main php.ini configuration are ignored, even though the local php.ini may not overwrite such settings. I do love that users are bound to their own names, but surely there is a way to configure suPHP or something to include the main php.ini settings in the local php.ini file by default without the user having to copy and paste all the settings in?
 
Last edited:

JawadArshad

Well-Known Member
PartnerNOC
Apr 8, 2008
459
7
68
PK
cPanel Access Level
DataCenter Provider
I recently made the move to suPHP. I must say, despite my research saying how much security if offers, I am looking back just a little.

For example, I do not like how a local php.ini file can be used to overwrite settings I'd prefer not overwritable in the main php.ini file. It would also be good to lock certain settings in, like memory_limit. I already have one user using more memory than I'd like them to, although I've added restrictions in my resource monitor to try counter this. *sigh* .

I also do not like the fact if a local php.ini file is created, all settings within the main php.ini configuration are ignored, even though the local php.ini may not overwrite such settings. I do love that users are bound to their own names, but surely there is a way to configure suPHP or something to include the main php.ini settings in the local php.ini file by default without the user having to copy and paste all the settings in?
Yes, sometimes you do not want users to overwrite the parameters like memory_limit max_execution_time etc. A workaround would be to define a specific php.ini file with your preferred settings and add the following directive to the .htaccess file of the account where you want these settings.

suPHP_ConfigPath /path/to/folder

The php.ini file placed in 'folder' will be used. If you do not want users to change these settings, simply chattr the .htaccess file and make it immutable. Not the best solution as it may prevent users from applying redirects.
 
Last edited:

britsenigma

Well-Known Member
Dec 14, 2008
85
0
56
"For example, I do not like how a local php.ini file can be used to overwrite settings"

You can lock this when you build apache. Do a Find for ".ini" under Exhaustive options and you'll find the tickbox, can't the exact name.