PHP Safety Without SAFEMode

This goes in your php.ini files: disable_functions = passthru,shell_exec,system,proc_open,proc_close,popen

pico -w /etc/php.ini
pico -w /usr/lib/php.ini
pico -w /usr/local/lib/php.ini
pico -w /usr/local/cpanel/3rdparty/etc/php.ini
pico -w /usr/local/cpanel/3rdparty/lib/php.ini
pico -w /usr/local/Zend/etc/php.ini
Search for line: 'disable_functions'
alter for: disable_functions = passthru,shell_exec,system,proc_open,proc_close,popen

Then to wirte protect them:

chattr +i /etc/php.ini
chattr +i /usr/lib/php.ini
chattr +i /usr/local/lib/php.ini
chattr +i /usr/local/cpanel/3rdparty/etc/php.ini
chattr +i /usr/local/cpanel/3rdparty/lib/php.ini
chattr +i /usr/local/Zend/etc/php.ini

This will be pretty safe without needing safe mode


--- xwing777 - server matrix forums

Was this answer helpful?

 Print this Article

Also Read

How to use GREP

GREP   The name, "grep", derives from the command used to perform a similar operation,...

Mount /tmp as NOEXEC

If you are renting a server then chances are everything is lumped in / and a small amount...

Mod Security

Think of mod_security as an intrusion detection and prevention engine for web applications....

Disable Telnet

pico -w /etc/xinetd.d/telnet Note: (change disable = no to yes) Save and Exit /etc/init.d/xinetd...

Rootkit Hunter

download: # wget http://downloads.rootkit.nl/rkhunter-.tar.gz Note: It doesn't matter where you...