Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

What are the security threats of enabling php zip extension?

Discussion in 'Security' started by Mugoma, Jan 16, 2017.

Tags:
  1. Mugoma

    Mugoma Well-Known Member

    Joined:
    Aug 1, 2016
    Messages:
    74
    Likes Received:
    4
    Trophy Points:
    8
    Location:
    Nairobi
    cPanel Access Level:
    Root Administrator
    By default EasyApache doesn't compile with php zip extension.

    But we have had several users asking for it.

    Are there any risks of enabling php zip extension?
     
    #1 Mugoma, Jan 16, 2017
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,009
    Likes Received:
    2,123
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelMichael, Jan 16, 2017
  3. Mugoma

    Mugoma Well-Known Member

    Joined:
    Aug 1, 2016
    Messages:
    74
    Likes Received:
    4
    Trophy Points:
    8
    Location:
    Nairobi
    cPanel Access Level:
    Root Administrator
    I had already seen that link.

    The link discusses about zip file uploads while my question is about 'PHP zip extension'. I am not conversant with the extension but don't think it has anything to do with uploading files.
     
    #3 Mugoma, Jan 16, 2017
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,009
    Likes Received:
    2,123
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    I'm not aware of any security issues with the PHP Zip extension itself. The security discussion would likely relate more-so the inclusion of malicious files in the zip archives that a PHP script would read. That said, we do provide a list of system administration service companies if you'd like specific security-related advice:

    System Administration Services | cPanel Forums

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelMichael, Jan 23, 2017
(You must log in or sign up to post here.)
Loading...
Similar Threads - security threats enabling
  1. coursevector

    Horde Webmail Security Vulnerabilities?

    coursevector, May 23, 2019 at 3:09 PM, in forum: Security
    Replies:
    1
    Views:
    53
    cPanelLauren
    May 23, 2019 at 4:10 PM
  2. weblinks

    ModSecurity persistent IP database size alert

    weblinks, May 19, 2019 at 8:12 PM, in forum: Security
    Replies:
    2
    Views:
    122
    internetbug256
    May 24, 2019 at 4:21 PM
  3. Sinus Pi

    Security concern: PHP disabled while provisioning new modules

    Sinus Pi, May 17, 2019, in forum: EasyApache
    Replies:
    2
    Views:
    132
    Sinus Pi
    May 20, 2019 at 5:35 PM
  4. webdsn

    How to force enable modsecurity for all User

    webdsn, May 15, 2019, in forum: Security
    Replies:
    3
    Views:
    141
    cPanelLauren
    May 22, 2019 at 9:02 AM
  5. QubeRoot

    Security Advisor email notifications not working?

    QubeRoot, May 9, 2019, in forum: E-mail Discussion
    Replies:
    6
    Views:
    329
    cPanelLauren
    May 14, 2019

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice