PHP Safety Without SAFEMode

This goes in your php.ini files: disable_functions = passthru,shell_exec,system,proc_open,proc_close,popen

pico -w /etc/php.ini
pico -w /usr/lib/php.ini
pico -w /usr/local/lib/php.ini
pico -w /usr/local/cpanel/3rdparty/etc/php.ini
pico -w /usr/local/cpanel/3rdparty/lib/php.ini
pico -w /usr/local/Zend/etc/php.ini
Search for line: 'disable_functions'
alter for: disable_functions = passthru,shell_exec,system,proc_open,proc_close,popen

Then to wirte protect them:

chattr +i /etc/php.ini
chattr +i /usr/lib/php.ini
chattr +i /usr/local/lib/php.ini
chattr +i /usr/local/cpanel/3rdparty/etc/php.ini
chattr +i /usr/local/cpanel/3rdparty/lib/php.ini
chattr +i /usr/local/Zend/etc/php.ini

This will be pretty safe without needing safe mode


--- xwing777 - server matrix forums

Was this answer helpful?

 Print this Article

Also Read

Mount /tmp as NOEXEC

If you are renting a server then chances are everything is lumped in / and a small amount...

Root Login Notification

- Edit the .bash_profile in the users directory ( in this case /root) commands: su - cd (just cd,...

Closing open nameservers

There should be a named.conf here. Make a backup of it, and the idea is to add some lines looking...

What ports should be open if I'm running my cPanel server behind a firewall?

Ports that must be open to run cPanel behind a firewall: 20 -- ftp tcp inbound/outbound 21 --...

How can I see a list of who has logged in to the server?

Use the last command.Example: last -30 will displaly the last 30 people.