What are the security threats of enabling php zip extension?

Mugoma · Jan 16, 2017

By default EasyApache doesn't compile with php zip extension.

But we have had several users asking for it.

Are there any risks of enabling php zip extension?

cPanelMichael · Jan 16, 2017

Hello,

You can find discussion of this topic on the following third-party URL:

What are the security threats of zip file uploads and what preventive actions should be taken?

Thank you.

Mugoma · Jan 16, 2017

I had already seen that link.

The link discusses about zip file uploads while my question is about 'PHP zip extension'. I am not conversant with the extension but don't think it has anything to do with uploading files.

cPanelMichael · Jan 23, 2017

Hello,

I'm not aware of any security issues with the PHP Zip extension itself. The security discussion would likely relate more-so the inclusion of malicious files in the zip archives that a PHP script would read. That said, we do provide a list of system administration service companies if you'd like specific security-related advice:

System Administration Services | cPanel Forums

Thanks!

Thread starter	Similar threads	Forum	Replies	Date
D	prestashop (ecommerce) and mod_security - legitime ip blocked	Security	3	Sunday at 12:52 PM
C	root password and security policy	Security	5	Apr 29, 2021
F	SOLVED mod_security2 being intermittent	Security	2	Apr 29, 2021
R	cPanel ModSecurity False Positives & Missing Data...	Security	7	Apr 29, 2021
K	CenturyLink's hamfisted security ignoring domain aliases in SSL cert Alternate Names	Security	8	Apr 27, 2021

Search

Search

What are the security threats of enabling php zip extension?

Mugoma

Well-Known Member

cPanelMichael

Administrator

Mugoma

Well-Known Member

cPanelMichael

Administrator