I have a limited access to WHM because I'm with a resellet account, but I want to change the new account email that sends cpanel. Server has installer RVSkin if this helps...
I've looking in WHM but I didn't see anything...
Can you tell me where is this option? then I check out if I have it...
when I make open_basedir effect in whm > security center
I have in my script this problem :
Warning: tempnam() [function.tempnam]: open_basedir restriction in effect. File() is not within the allowed path(s): (/home/xxxx/:/usr/lib/php:/usr/local/lib/php:/tmp) in /admincp/misc.php on line 685Warning: fwrite(): supplied argument is not a valid stream resource in /admincp/misc.php on line 688Warning: fclose(): supplied argument is not a valid stream resource in /admincp/misc.php on line 689
when I disable it I have this other one problem :
Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 32010 is not allowed to access /tmp/vbthumbLTfVOk owned by uid ..
i get an error message for a site im trying to build.
id like to know if there are scripts i can upload myself to turn off safe mode and to sto the base dir thing.
i understand this can be done in php.ini and htaccess.
Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/g/public_html/term-sample.php on line 58
i got hosting with cPanel Control panel i have some problem with this hosting because its "register_globals" disabled , i need to enable the "register_globals" on my hosting ,
I get the following security warnining in my Joomla installation:
PHP register_globals setting is `ON` instead of `OFF`
From what I have read this is a big security risk and it is something that the host can easily turn off. Why wouldn't my host have this turned off?
I was told by live chat that I could overide with my own php.ini file, but I know nothing about php or php.ini files. I read in a forum that I would have to place this file in EACH directory of my Joomla installation where a php file exists. I don't even want to think about what a pain that is. Also, everytime I add an extension I have to repeat the process? I've also read that this may interefere with several extensions.
Isn't there an easier way to do this?
I read that the host can configure their servers so that you would only have to place the file in one directory or that you would only have to edit the .htaccess file
I just switched to Hostgator and I didn't have this problem with my old host. Should I try to find a new host that has better security?
I really don't know what I'm doing or where to begin with this. I'm probably just misunderstanding something. Can you please help me understand this?
On my server (cpanel/whm php version 5) I need phpsuxec enabled so Configure Suexec and PHP I have suxec as on and php handler as cgi.
The problem is that enabling of register_globals through .htaccess file of cpanel accounts is not working. I have tried all kinds of commands as:
php_flag register_globals on
and even tried creating a php.ini » register_globals=on
and that still does not enable register_globals on an account. I do not want to enable register_globals centrally as I am aware that is a security threat.
But if I change to dso php handler that .htaccess code enables register_globals but then phpsuexec is not working.
The hacker just execute the perl file , and then he called the "test.txt" file through internet explorer , and its done , he can read the file easily !
We tried to :
1- run php as CGI module. 2- run SUPHP module. 3- run php as apache module. 4- enable open_basedir and safe_mode.
But the hacker still can bypass the system!
the only solution is to disable /usr/bin/perl , chmoded it to 700 . but thats caused a broken cpanel!
as it requires it to be at 755 for proper operation, since it is used by customers as well when it suexec into the user when they log into cPanel. and so we cannot change it to that setting (700), since it breaks the entire system.
So is there any way to stop the "symlink" perl function?
Dreamhost accounts have PHP register_globals turned on by default. I tried to override that and have register_globals turned off by putting this line
register_globals = Off in a php.ini file placed at the web root. But phpinfo() still shows register_global as on. How do I turn off register_globals in Dreamhost?
Today I have a customer want to swich the register_globals on on his account ,,, i'm running PHPSuExec and running php as cgi not as Apache module , and as you know using php as cgi will cause internal error 500 if some one add php_flag register_globals on to .htaccess file.
what is the soluation to switch register_globals on for his account only without using the .htaccess file.
put in mind the php files that need the register_globals to be on is encrypted with zend , so we does not have access to it for modification.
The problem appeared from register globals, in the shop oscommerce after the actualization PHP to the version 4.4.5 information appears me: FATAL ERROR: register_globals is disabled in php.ini, please enable it! and if I add: php_flag register_globals On to the file .htaccess this: one can not display page.
I would like to know how to allow customers to use their own php.ini file. I have had hosts in the past that allowed you to use a custom php.ini file so long as you put it in every directory that you would need to use it.
I was just trying to figure out how this is done as I am new to all of this and trying to learn.
I'm using CentOS 5, Cpanel/WHM with php as cgi, when i try to put a php.ini file to to custom php for one account and it overwrite main setting on our server, someone use this bug to run c99 and try local attack other account, i've try fix this problem by edit /opt/suphp/etc/suphp.conf and set phprc_paths to /usr/local/lib/. But when i do this, php.ini in my custom account doesnt work any more... How can i custom php for one account and it not effect to main setting to prevent local attack?
I have a reseller account on a server, and I have a client who needs to used a custom php.ini file to set the session.save_path variable. He has created this file and placed in the public_html folder, but this path still comes up as 'No Value' and the Configuration File Path still reads '/usr/local/Zend/etc/php.ini '.
What do I need to do to get this site to read from the correct php.ini file? I tried setting this in the .htaccess file, to no avail.
We just got a dedicated server, my first time messing with anything dedicated though I've had WHM before. I have 4 domains I'd like to setup to point to this. But I'd prefer our company URL to host the name servers. Domains are registered through enom who will allow me to setup the name servers.
I'm trying to use the "Nameserver IPs" section in WHM to setup the name servers but it just sits and "works" but never actually finishes. Does my company URL need to be pointing to the server before doing this?
I'm just starting doing web pages as a side business. What I'm wondering is if I should pay for the monthly fees for the web hosting and just charge the customer for design and maintance?
or
Should I get the customer to buy their own web hosting and the site gets uploaded to that site and they pay for the hosting?
As you can see I'm really new to this. I'm thinking of getting the "power" plan from [url]so I can upload and create multiple websites for different customers?
What do you people typically do for small business maybe only 2-5 customers?
I am currently in the process of transferring my sites to a new host (Liquidweb). On my old server I used my host's nameservers, whereas Liquidweb STRONGLY recommends (two or three times in the "account info" email) that I create custom ones on their server.
So for one of my domains, I created an account in WHM, created ns1 and ns2 nameservers in WHM, created the nameservers for the domain (in Tucows/Opensrs) and changed the domain to use it's own nameservers. (ie x.com uses ns1.x.com & ns2.x.com) That all seems be working fine now; ie, typing x.com in my browser resolves to the new server.
This would lead me to believe that the new nameservers are ready to use and that I should be able to start using them for other domains too. But when I try to change the nameservers for any of my other domains in Opensrs I get this message:
"Unable to update nameservers: Nameserver ns1.x.com doesn't exists in the registry"
I would normally assume that the new nameservers just haven't propagated yet. (It's been 24-36 hours since I originally created them in Opensrs.) However, x.com is currently resolving correctly, and it's using ns1.x.com & ns2.x.com ... so why wouldn't I be able to change other domains to also use ns1.x.com & ns2.x.com?
Here's a WHOIS I just ran on completewhois.com for ns1.x.com:[NAMESERVER whois information for NS1.X.COM ] [rs.internic.net] Whois Server Version 1.3 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to[url] for detailed information. Server Name: NS1.X.COM IP Address: 72.52.###.### Registrar: TUCOWS INC. Whois Server: whois.tucows.com Referral URL: [url] >>> Last update of whois database: Fri, 14 Sep 2007 20:01:24 UTC <<< [whois.biz] Not found: NAMESERVER NS1.X.COM >>>> Whois database was last updated on: Sat Sep 15 00:33:44 GMT 2007 <<<<I don't mind waiting if the nameservers just have to propagate (is that why it says "not found" there?), but if that's the case why is my x.com site already resolving correctly using the new nameservers?! Is it just because its using its own nameservers? (If that makes any sense ...)
I have WHM/CPanel installed, that's what I used to add the nameservers and so on.
I'm trying to configure my newly acquired VPS and am having a hell of a time with it. I will be hosting several sites on this server, so I've ordered an extra IP so that I can run my own custom nameservers (and Lee doesn't have to bother with adding my domains to his system)
At my registrar, I've created two new nameservers (ns1.thatscriptguy.com and ns2.thatscriptguy.com) and pointed them to my server. I've added the additional IP to the system as eth0:0 and configured the domain. Here is a copy of my /var/named/thatscriptguy.com.hosts
Code: $ttl 30M
thatscriptguy.com. IN SOA ns1.thatscriptguy.com. kevin.thatscriptguy.com. (
1172728392
10800
3600
604800
30M )
thatscriptguy.com. IN NS ns1.thatscriptguy.com.
thatscriptguy.com. IN A 66.90.121.92
thatscriptguy.com. IN NS ns2.thatscriptguy.com.
ns1.thatscriptguy.com. IN A 66.90.121.92
ns2.thatscriptguy.com. IN A 66.90.121.253
www.thatscriptguy.com. IN CNAME thatscriptguy.com.
mail.thatscriptguy.com. IN A 66.90.121.92
mail.thatscriptguy.com. IN MX 1 thatscriptguy.com.
I recently signed up for hosting with ASO on a shared hosting plan with intentions to operate an SMF forum. Prior to going live, I would like to prepare for a possible upgrade to a VPS in the near future if the forum exceeds allowed resources on the shared platform, specifically the MySQL connections which appears to be set at 40. I am currently utilizing the ASO nameservers and was wondering the following:
If I setup custom nameservers at Namecheap and request likewise from ASO, when it comes time to switching to a VPS, can I perform the following and anticipate downtime only during steps 2 & 3?
1) Configure the VPS (including DNS)
2) Switch forum to maintenance mode and transfer data to VPS
3) Change the customer nameserver IP addresses at Namecheap
Basically, I want to verify that I won't experience the 24 to 48 hrs of downtime associated with changing nameservers. Additionally, are there any known disadvantages of having custom nameservers on a shared hosting plan?
