The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

What are the security threats of enabling php zip extension?

Discussion in 'Security' started by Mugoma, Jan 16, 2017.

Tags:
  1. Mugoma

    Mugoma Well-Known Member

    Joined:
    Aug 1, 2016
    Messages:
    74
    Likes Received:
    4
    Trophy Points:
    8
    Location:
    Nairobi
    cPanel Access Level:
    Root Administrator
    By default EasyApache doesn't compile with php zip extension.

    But we have had several users asking for it.

    Are there any risks of enabling php zip extension?
     
    #1 Mugoma, Jan 16, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,029
    Likes Received:
    1,277
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    #2 cPanelMichael, Jan 16, 2017
  3. Mugoma

    Mugoma Well-Known Member

    Joined:
    Aug 1, 2016
    Messages:
    74
    Likes Received:
    4
    Trophy Points:
    8
    Location:
    Nairobi
    cPanel Access Level:
    Root Administrator
    I had already seen that link.

    The link discusses about zip file uploads while my question is about 'PHP zip extension'. I am not conversant with the extension but don't think it has anything to do with uploading files.
     
    #3 Mugoma, Jan 16, 2017
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,029
    Likes Received:
    1,277
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    I'm not aware of any security issues with the PHP Zip extension itself. The security discussion would likely relate more-so the inclusion of malicious files in the zip archives that a PHP script would read. That said, we do provide a list of system administration service companies if you'd like specific security-related advice:

    System Administration Services | cPanel Forums

    Thanks!
     
    #4 cPanelMichael, Jan 23, 2017
(You must log in or sign up to post here.)
Loading...
Similar Threads - security threats enabling
  1. Islandhosting

    SOLVED Missing security tokens with 66.0.x

    Islandhosting, Aug 15, 2017 at 3:35 PM, in forum: Security
    Replies:
    2
    Views:
    44
    Islandhosting
    Aug 15, 2017 at 4:40 PM
  2. Sametto Chan

    What is different mod_security and mod_security2?

    Sametto Chan, Aug 8, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    70
    Sametto Chan
    Aug 8, 2017
  3. schoeps

    SOLVED OWASP ModSecurity v3 and v1?

    schoeps, Jul 31, 2017, in forum: Security
    Replies:
    2
    Views:
    83
    schoeps
    Jul 31, 2017
  4. Federico Barcelo

    cxs ModSecurity Scanning (disabled)

    Federico Barcelo, Jul 27, 2017, in forum: Security
    Replies:
    2
    Views:
    69
    cPanelMichael
    Jul 28, 2017
  5. Nirjonadda

    SOLVED Security Advisor scrolling in cPanel 66

    Nirjonadda, Jul 25, 2017, in forum: General Discussion
    Replies:
    4
    Views:
    80
    cPanelMichael
    Jul 25, 2017

Share This Page