Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

suPHP & php.ini configuration

Discussion in 'General Discussion' started by Kurieuo, Feb 12, 2009.

  1. Kurieuo

    Kurieuo Well-Known Member

    Dec 13, 2002
    Likes Received:
    Trophy Points:
    I recently made the move to suPHP. I must say, despite my research saying how much security if offers, I am looking back just a little.

    For example, I do not like how a local php.ini file can be used to overwrite settings I'd prefer not overwritable in the main php.ini file. It would also be good to lock certain settings in, like memory_limit. I already have one user using more memory than I'd like them to, although I've added restrictions in my resource monitor to try counter this. *sigh* .

    I also do not like the fact if a local php.ini file is created, all settings within the main php.ini configuration are ignored, even though the local php.ini may not overwrite such settings. I do love that users are bound to their own names, but surely there is a way to configure suPHP or something to include the main php.ini settings in the local php.ini file by default without the user having to copy and paste all the settings in?
    #1 Kurieuo, Feb 12, 2009
    Last edited: Feb 12, 2009
  2. JawadArshad

    JawadArshad Well-Known Member

    Apr 8, 2008
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    DataCenter Provider
    Yes, sometimes you do not want users to overwrite the parameters like memory_limit max_execution_time etc. A workaround would be to define a specific php.ini file with your preferred settings and add the following directive to the .htaccess file of the account where you want these settings.

    suPHP_ConfigPath /path/to/folder

    The php.ini file placed in 'folder' will be used. If you do not want users to change these settings, simply chattr the .htaccess file and make it immutable. Not the best solution as it may prevent users from applying redirects.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 JawadArshad, Feb 12, 2009
    Last edited: Feb 12, 2009
  3. britsenigma

    britsenigma Well-Known Member

    Dec 14, 2008
    Likes Received:
    Trophy Points:
    "For example, I do not like how a local php.ini file can be used to overwrite settings"

    You can lock this when you build apache. Do a Find for ".ini" under Exhaustive options and you'll find the tickbox, can't the exact name.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice