The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

suPHP php.ini question

Discussion in 'General Discussion' started by lowhigh, Jun 26, 2011.

  1. lowhigh

    lowhigh Active Member

    Joined:
    Jun 25, 2011
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    Hi all!

    I have installed CP 11.30 build 32. Every work well untill now. I'm testing for the server securities and i find some problem with php

    I choose to install PHP 5 as suPHP, i set some important php configuration in the master config (/usr/local/lib/php.ini) such as: safe_mode= ON, openbase_dir, disable some functions, and many other parameters.
    But when one my customer required safe_mode=OFF,others still required ON,so i advise them to put a php.ini file in the public_html with simple config: safe_mode=Off
    OK, my customer feel satisfied but i don't. I see that, php will load my new local php.ini, and problems raise:
    Most of parameter seem to be overrided, php give up some my security configs: open_basedir=no value, disabled_functions=no value, and many paramiters=no value
    i upload a simple shell, r57 and c99. Not surprised, i can walk away on this server, see all my customer though i cannot access to these folders, i can go into some system folder such as /var, /usr.....
    Beside, i execute some commands to find siud files, config files.....they all are successfull!

    So, i want to know, is suPHP secure? what way can i config to make sure both the system security and my customer can change their config. With suPHP, that situation make any bad affects to my server?

    Thanks all!
     
  2. lowhigh

    lowhigh Active Member

    Joined:
    Jun 25, 2011
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    anybody help me?
     
  3. lowhigh

    lowhigh Active Member

    Joined:
    Jun 25, 2011
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    Thanks Micheal!

    After search, i have found this article! It's so wonderful!
     
Loading...

Share This Page