The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

suPHP & php.ini configuration

Discussion in 'General Discussion' started by Kurieuo, Feb 12, 2009.

  1. Kurieuo

    Kurieuo Well-Known Member

    Joined:
    Dec 13, 2002
    Messages:
    98
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Australia
    I recently made the move to suPHP. I must say, despite my research saying how much security if offers, I am looking back just a little.

    For example, I do not like how a local php.ini file can be used to overwrite settings I'd prefer not overwritable in the main php.ini file. It would also be good to lock certain settings in, like memory_limit. I already have one user using more memory than I'd like them to, although I've added restrictions in my resource monitor to try counter this. *sigh* .

    I also do not like the fact if a local php.ini file is created, all settings within the main php.ini configuration are ignored, even though the local php.ini may not overwrite such settings. I do love that users are bound to their own names, but surely there is a way to configure suPHP or something to include the main php.ini settings in the local php.ini file by default without the user having to copy and paste all the settings in?
     
    #1 Kurieuo, Feb 12, 2009
    Last edited: Feb 12, 2009
  2. JawadArshad

    JawadArshad Well-Known Member
    PartnerNOC

    Joined:
    Apr 8, 2008
    Messages:
    447
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    PK
    cPanel Access Level:
    DataCenter Provider
    Yes, sometimes you do not want users to overwrite the parameters like memory_limit max_execution_time etc. A workaround would be to define a specific php.ini file with your preferred settings and add the following directive to the .htaccess file of the account where you want these settings.

    suPHP_ConfigPath /path/to/folder

    The php.ini file placed in 'folder' will be used. If you do not want users to change these settings, simply chattr the .htaccess file and make it immutable. Not the best solution as it may prevent users from applying redirects.
     
    #2 JawadArshad, Feb 12, 2009
    Last edited: Feb 12, 2009
  3. britsenigma

    britsenigma Well-Known Member

    Joined:
    Dec 14, 2008
    Messages:
    85
    Likes Received:
    0
    Trophy Points:
    6
    "For example, I do not like how a local php.ini file can be used to overwrite settings"

    You can lock this when you build apache. Do a Find for ".ini" under Exhaustive options and you'll find the tickbox, can't the exact name.
     
Loading...

Share This Page