These are instructions for doing this with Apache 1.3, not using cPanel's suPHP solution, but I suspect that the directions are the same or very similar.
You would have to copy the server-wide php.ini to a different directory and then change that new version of the php.ini file so that register_globals is on.
You would then need to specify that path for that specific VirtualHost within the httpd.conf file using the suPHP_ConfigPath directive to point to that new php.ini file.
For example, say you have an account domain.com.
The account has an osCommerce install at domain.com/store that needs register_globals enabled.
For the sake of argument, your server-wide php.ini file is located at /usr/local/Zend/etc/php.ini.
Create a new directory and copy that php.ini to that directory.
Now edit the new version of that php.ini file (I use vi, but any other command line text editor will suffice)
You will have to find where register_globals is defined and changed Off to On.
Save the file
Now edit the Apache configuration file.
Find the specific VirtualHost section.
If there is a section in the VirtualHost that reads:
<IfModule mod_suphp.c>
.
.
</IfModule>
Then add this line of code within that <IfModule> bracket:
The <IfModule mod_suphp.c> would not be completely necessary, but in general is a good rule of thumb.
The important aspects are the suPHP_ConfigPath line which defines which configuration files to use. And the <Location> bracket which basically says to use this php.ini file when accessing files under the /store directory on this website.
Important Note: The suPHP_ConfigPath only needs to point to the directory where the php.ini file is located in. It does not need to include the full path including the php.ini filename.
You would have to copy the server-wide php.ini to a different directory and then change that new version of the php.ini file so that register_globals is on.
You would then need to specify that path for that specific VirtualHost within the httpd.conf file using the suPHP_ConfigPath directive to point to that new php.ini file.
For example, say you have an account domain.com.
The account has an osCommerce install at domain.com/store that needs register_globals enabled.
For the sake of argument, your server-wide php.ini file is located at /usr/local/Zend/etc/php.ini.
Create a new directory and copy that php.ini to that directory.
Code:
mkdir -p /usr/local/Zend/register-enabled
cp /usr/local/Zend/etc/php.ini /usr/local/Zend/register-enabled
Code:
vi /usr/local/Zend/register-enabled/php.iniSave the file
Now edit the Apache configuration file.
Code:
vi /etc/httpd/conf/httpd.confIf there is a section in the VirtualHost that reads:
<IfModule mod_suphp.c>
.
.
</IfModule>
Then add this line of code within that <IfModule> bracket:
Code:
<Location /store>
suPHP_ConfigPath /usr/local/Zend/register-enabled
</Location>The important aspects are the suPHP_ConfigPath line which defines which configuration files to use. And the <Location> bracket which basically says to use this php.ini file when accessing files under the /store directory on this website.
Important Note: The suPHP_ConfigPath only needs to point to the directory where the php.ini file is located in. It does not need to include the full path including the php.ini filename.
I haven't yet made done any work with Apache2. I would like to test it out on a testing server, now that cPanel 11 is coming out and try and get a general feel for it, but its been difficult finding time to do that. Hopefully I'll get around to that sometime within the next few weeks.
I don't see why this would not work with Apache2. The suPHP_ConfigPath is a part of suPHP. The only question would be whether or not Apache2 supports <Location> tags within the VirtualHost like Apache 1.3 did (the documentation seems to say so) and whether or not Apache2 support <IfModule> tags within the VirtualHost (which again the documentation seems to say so). I do not see any reason why this would not work.
If you are using cPanel 11 with Apache2 and with suPHP, then cPanel may have an ultra simple method for doing this that I am just not aware of.
I don't see why this would not work with Apache2. The suPHP_ConfigPath is a part of suPHP. The only question would be whether or not Apache2 supports <Location> tags within the VirtualHost like Apache 1.3 did (the documentation seems to say so) and whether or not Apache2 support <IfModule> tags within the VirtualHost (which again the documentation seems to say so). I do not see any reason why this would not work.
If you are using cPanel 11 with Apache2 and with suPHP, then cPanel may have an ultra simple method for doing this that I am just not aware of.
I tried to change php directives it by importing a new php.ini using suPHP_ConfigPath in httpd.conf, but it dosent work,
apache 2
php 5.1.6
apache 2
php 5.1.6
Hello,
If your customer coding his own php script. Tell to use this
If you add this to any php script head, It will open register_globals for currently running script or page. But your customer will be need to add this code to his/her all php page's. Otherwise register_global will not work.
If your customer coding his own php script. Tell to use this
PHP:
<?
ini_set('register_globals', 'on');
import_request_variables("cpg");
?>
Yes ... Absolutely
I use this method to set custom PHP options for individual accounts
in both Apache 2.0.59 and Apache 2.2.3 servers on a regular basis.
just checking for the above instructions to be carried out.. what are the pre-requistes?
enable or install suphp from whm?
anyone wrote a how-to from this instructions? am not very good at this.. need some step-by-step help.
just need to enable register_globals=on for 1 site...
Last edited:
You could try uploading a copy of the php.ini into that user directory that needs it with his specs changed I dont know how you have configured but i have suphp with apache compiled with phpsuexec and users can upload there own php.ini;s to directories that need it works great if for some reason they get hacked it doesnt spread across other users account just theres
In order for these instructions to work, you have to have suPHP enabled on your server and running PHP through suPHP. I really do not know anything about cPanel's suPHP offering. I think it is only available in EasyApache3 and for Apache2, but I may be mistaken there.just checking for the above instructions to be carried out.. what are the pre-requistes?
enable or install suphp from whm?
anyone wrote a how-to from this instructions? am not very good at this.. need some step-by-step help.
just need to enable register_globals=on for 1 site...
In short, if you've never explicitly enabled or seen anything in regards to suPHP, chances are that you are not runnning PHP with suPHP. If you've never made any changes to your server, chances are PHP is running as an Apache module. If that is the case, you should be able to just add in the .htaccess file in the public_html directory of the affected account:
php_flag register_globals on
However, personally in regards to register_globals (and to go a little off-topic) I would question whether or not the script is up-to-date. If a script is requiring register_globals to be on in order to work, then this raises a red flag that the script is not up-to-date or the developers of the script don't care enough about the security of their product.
yes .. the developers of one of my client did not do a good job.
i had to set register_globals = on
only for this one client.
and i would like to secure the rest of my account from being breeched.
hmm i remembered seeing that suPHP thing somewhere in my server, but i can't remember.
i think suPHP only avail in php5? i may be wrong on this.
i am running apache1 w/ php4.4.6 so i guess i will try your method on the .htaccess method.
This doesn't work for PHP 5.0.5
The error I get is:
The error I get is:
As you can see, I tried various ways. Any suggestions?
php_flag, php_admin_value, and other php_ directives will only work if you are running PHP as an Apache module. These directives are part of the PHP apache module. If the PHP apache module is not loaded in your apache configuration, then Apache is not going to know what php_flag means.
I suspect that you are running php as CGI either with phpsuexec or suphp. In which case, you won't be able to use php_flag or other php_ based directives.
There are basically two ways of running PHP. As an Apache module or as CGI. If you are running PHP as CGI then you can use various different ways to do this, you need some type of Apache wrapper. This is accomplished by using phpsuexec, suphp, or a custom written wrapper.
Basically in terms of PHP, it is either run in one of two ways:
PHP as an Apache Module
OR
PHP as CGI
If you are not running PHP as an Apache module, then you cannot use php_ based directives anywhere, either in your .htaccess files or in the apache configuration file.
I suspect that you are running php as CGI either with phpsuexec or suphp. In which case, you won't be able to use php_flag or other php_ based directives.
There are basically two ways of running PHP. As an Apache module or as CGI. If you are running PHP as CGI then you can use various different ways to do this, you need some type of Apache wrapper. This is accomplished by using phpsuexec, suphp, or a custom written wrapper.
Basically in terms of PHP, it is either run in one of two ways:
PHP as an Apache Module
OR
PHP as CGI
If you are not running PHP as an Apache module, then you cannot use php_ based directives anywhere, either in your .htaccess files or in the apache configuration file.
Setting custom settings for a specific site is done differently depending
in any of three ways depending on whether you are using Apache module
based PHP, phpSuExec (CGI), or SuPHP (CGI) ...
Apache Module:
----------------------
You would add "php_flag" commands to a .htaccess file in the account
you want to modify OR add "php_admin" commands in the vhost section
of the main httpd.conf file for your server for that specific site.
phpSuExec
-----------------------
You would create a custom "php.ini" file with the settings you want to change
and drop that in the home of the account you want to update.
SuPHP
----------------------
You would add a "suPHP_ConfigPath" command giving the folder location
of a custom PHP.INI file with the the vhost section of the httpd.conf file
for the site you want to modify settings.
in any of three ways depending on whether you are using Apache module
based PHP, phpSuExec (CGI), or SuPHP (CGI) ...
Apache Module:
----------------------
You would add "php_flag" commands to a .htaccess file in the account
you want to modify OR add "php_admin" commands in the vhost section
of the main httpd.conf file for your server for that specific site.
phpSuExec
-----------------------
You would create a custom "php.ini" file with the settings you want to change
and drop that in the home of the account you want to update.
SuPHP
----------------------
You would add a "suPHP_ConfigPath" command giving the folder location
of a custom PHP.INI file with the the vhost section of the httpd.conf file
for the site you want to modify settings.
I have installed php4 and php5 (both DSO) and when i put to htaccess that php4 is pharsing .php files and put
php_value register_globals 1
php_flag register_globals On
Everything is ok
But when php5 is pharsing .php files i cant that method turn ON register globals WHY? Any sugestions?
php_value register_globals 1
php_flag register_globals On
Everything is ok
But when php5 is pharsing .php files i cant that method turn ON register globals WHY? Any sugestions?
I'm fairly sure this ini_set example won't work; the reason being that the register_global actions are taken BEFORE the script starts. If you try this method, register_global is indeed set for the rest of that session, but TOO LATE to actually register the globals. You could actually do the "global registering" instead manually via a PHP function - see http://php.net/import_request_variables
Last edited:
Hi Spiral, can you help me with an example for SuPHP?, I have suPHP with apache5, i made a new folder with a copy of the default php.ini file, have it edited to turn the register globals on and then in the httpd.conf fine i added the line to point to the new folder like
suPHP_ConfigPath /usr/local/lib/php_register_on
Restarted apache and still not working
Thank you
Will the this (above) method work if you have Apache v2 and the php.ini path locked down via:
/opt/suphp/etc/suphp.conf
[phprc_paths]
;Uncommenting these will force all requests to that handler to use the php.ini
;in the specified directory regardless of suPHP_ConfigPath settings.
application/x-httpd-php=/usr/local/lib/
application/x-httpd-php4=/usr/local/php4/lib/
application/x-httpd-php5=/usr/local/lib/
Probably not, huh?
Ideally I am looking for either a way of providing custom php.ini files for accounts that need certain features that the owners of those vsites will NOT be able to change. OR, a way of limiting the features that ini_set can enable.
Is this this impossible dream of securing php but leaving it functional, or what?
I would dearly love to switch off ini_set except for the vsites who need it WITHOUT allowing them to set up their own php.ini files. I am almost shocked that there is such an "either-or" security question in the php v5.2.10 system and that there is not a more flexible way of dealing with this particular issue. I have been searching for days for a solution in this regard.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| D | Turning off gzip | Web Servers and Applications | 3 | |
|
max_children value return to 25 | Web Servers and Applications | 8 | |
| S | turn on locally register_globals on PHP5? | Web Servers and Applications | 10 | |
| R | cannot turn on register_globals | Web Servers and Applications | 1 | |
| B | How t turn on register_globals? | Web Servers and Applications | 6 |