Is It Safe To Enable Exec()

Jun 21, 2009

I am trying to install gallery 2.3 and it requires exec() to be enabled for some functions. Is it safe to enable it in php.ini?

In php.ini file I see this, disable_functions = symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd

I have CentOS running on my VPS.

View 13 Replies


ADVERTISEMENT

Safe To Enable SMP In FreeBSD 6.2 Kernel

May 28, 2007

Ok first thing I have a P4 3.0ghz server and i assumed it has HTT feature in it but correct me if Im wrong with this dmesg

Code:
Copyright (c) 1992-2007 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 6.2-RELEASE-p5 #0: Sun May 27 03:15:00 UTC 2007
root@:/usr/obj/usr/src/sys/SharkTECH6
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Pentium(R) 4 CPU 3.00GHz (2999.68-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0xf41 Stepping = 1
Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,C
MOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Features2=0x441d<SSE3,RSVD2,MON,DS_CPL,CNTX-ID,<b14>>
Logical CPUs per core: 2

Anyways the kernel it is using now has SMP disabled. Now i heard and from google searches that enabling SMP when you have an HTT processor is bad since I heard that there some kind of exploit and vulnerability. But this was back in 2005 and im not sure if it's fixed yet. Is anyone using a P4 with HTT with SMP enabled in their kernel as a dedi server? Some people also said that it lowers performance. This server mainly runs on WHM, apache, mysql, mail, and php.

View 3 Replies View Related

Php Build As Cgi With Exec

Apr 16, 2009

I have build PHP as CGI but now the function exec says with every command like uptime this error: [Thu Apr 16 10:28:37 2009] [error] [client xxx.xxx.xxx.xxx] sh: uptime: command not found

This also happens when I do the command convert (yes Imagemagick is installed). Strange enough when I login with the permissions of the exame user I can do the commands through SSH without any problem.

I use DirectAdmin with custombuild. How can I resolve this? Am I required to build PHP to CLI to use the exec command?

View 7 Replies View Related

How Many Hosts Have PHP Exec() Disabled

Dec 5, 2008

My happiness with Innohosting (as a reseller) has come to a screeching halt when I found they've disabled exec(). This has sunk my plans to use Typo3 and Gallery for a website I'm creating for a client as they use Imagemagick through exec(). Rather than reconfigure them to use gdlib (possible?) instead, I'm inclined to look for a host that allows exec().

I've asked Innohosting about applying the PHP exec_dir patch found here:[url]

And discussed here:[url]

I'm waiting for them to get back to me. I hope it's a solution as Innohosting seem great otherwise.

Failing all else, how many hosts have PHP exec() disabled? Is this common?

View 7 Replies View Related

Client Exec Installation

Apr 6, 2008

I want to install Client Exec in my Cpanel.

View 2 Replies View Related

How To Open Curl-exec In1 Site

Apr 6, 2009

i need open curl-exec in one site in server

Configured Value for php

PHP 5 Handler dso

View 0 Replies View Related

Backup Exec Scheduled Not Running

Dec 15, 2008

I have a client that is running backup exec. They have 2 scheduled jobs in the system. One of them runs, and one does not.

It is skipping over the job. If you watch the timer for the backups, it counts down, 2 mins, 1 min. Then jumps to 60 mins. No errors or anything reported in the logs.

Again, the other backup job runs perfectly fine and a manual job runs as well.

View 3 Replies View Related

Can Not Update Packages: Exec Failed: Warning: ....

Jul 1, 2009

I have been having a lot of problems with my server lately. Today I attempted to update container software. The operation failed with this output:

Operation update with the Env(s) "server.[site].com" is finished with errors: Can not update packages: exec failed: warning: /etc/issue created as /etc/issue.rpmnew warning: /etc/issue.net created as /etc/issue.net.rpmnew error: /etc/httpd/logs expected to be a regular file, lstat() returned 40000 error: unpacking of archive failed on file /etc/httpd/logs: cpio: rename failed - Is a directory warning: /etc/yum.conf created as /etc/yum.conf.rpmnew Error in Transaction: One or more rpm failed. Error: /usr/share/vzyum/bin/yum failed, exitcode=1 .

I am slowly learning how to use Linux and the SSH terminal to manage my server... but this beyond me...

(I wonder if it has anything to do with the "segmentation faults" that have been occurring.)

View 0 Replies View Related

Disable Functions :: Show_source, System, Shell_exec, Passthru, Exec ...

Jun 13, 2008

How to disable those functions on VPS with Lxadmin and CentOS 5
show_source, system, shell_exec, passthru, exec,
phpinfo, popen, proc_open, base64_decode, base64_encodem, proc_terminate

View 9 Replies View Related

PHP Safe Mode On Or Off

Nov 6, 2009

What is the best option in the php setting does keeping the php function safe mode on or off?

View 12 Replies View Related

Php Safe Mode

Apr 9, 2009

i need to enable php safe mode on for my joomla and i came across this

Quote:

When the php safe mode is turned off globally by default at our server end, you can still override the setting to turn it ON for only your domain by just insert the following line inside the ".htaccess" file (at Linux server):

Code:

php_value safe_mode "1"

my joomla .htaccess file:

Quote:

##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##

#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
# mod_rewrite in use

RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

View 3 Replies View Related

Is It Safe To Remove All Of /tmp

Jul 6, 2009

My /tmp on my cPanel hosting server is nearly full, and I was wondering if it is safe to remove all the contents in /tmp, if not, what can I delete to clear up the space?

View 6 Replies View Related

755 Permission :: Is This Safe?

Feb 15, 2008

Most of my files are 755 as permission. Is this safe?

How about putting all files under 644 permission? What is the best permission so that all files are safe from intrusion?

View 8 Replies View Related

Safe Mode VPS

Aug 30, 2008

I have a script that needs safe mode off to run, the script writers have said safe mode is disabled as default and not required and even disabled in php 6

Now I'm not to fimular with Safe mode, all I know is most scripts are wrote to work with this on

View 4 Replies View Related

Safe Mode On Or Off

Jun 3, 2008

Should i switch safe mode on or off . Right now i am using it as on some one told me if i switch it off then server can easily hack but becoz i switch it on im having too much problem specially users of sites having problem of uploading and wordpress also have issue and some more script what you say what should i do?

View 9 Replies View Related

How To Safe Mode On/off

May 13, 2007

how can i make "safe mode on/off" using .htaccess?( in SharedHosting )

View 1 Replies View Related

PHP Safe Mode

Nov 27, 2007

I would like to know as to whether or not you have php safe mode turned on? If you do, please specify why, and would you allow your clients to turn it off?

View 13 Replies View Related

Php.ini In Public_html, Safe

May 12, 2007

I'm a customer and don't know much about server management, so like title says, is it okay to put php.ini in public_html?

View 14 Replies View Related

PHP Safe Mode - On Or Off

Sep 17, 2007

I searched but couldn't find much - should you run PHP with safe mode on or off on a shared (Linux) server?

View 3 Replies View Related

Hacker Safe Host

Mar 25, 2008

As with many sites. my site was hacked recently. my host was so negative about this. they didn't notice the hack attempt although it took the hacker 9 hours to break through.

after that I made some search on my host to find that it is not a real host at all. they are just resellers to another company. I was very disappointed, Then I decided to go to a better host who can protect me from hackers.

I read some threads about 'hacker safe host' but they all in general don't give a real name of trusted 'anti-hackers' companies.

can you guide me to some of the famous hosts?

if you can't my friends got a VPS hosted with WestHost. he offered me to move my site to his VPS. is west host trusted about hackers?

View 14 Replies View Related

Safe Mode For A Domain

Aug 2, 2008

i have a cpanel server.. can any one tell me how to allow safe mode to a specific domain?

View 1 Replies View Related

Safe Mode OFF And Open_basedir Set...

Jan 18, 2008

I am going to run a free host, yes I know I should post this in FWHT but well, they dont answer very fast if at all.

It is very dangerous to have Safe Mode OFF on a free host, but someone was telling me about open_basedir, which makes it so they cant touch any files set outside of open_basedir. Would this be suffiecient to keep them from touching others files? I know I need to disable other functions like exec() and stuff but would open_basedir keep hackers away from others files and hacking them...

View 7 Replies View Related

Safe To Delete These Files

Feb 12, 2008

I am running my VPS on direct admin panel, my disk space is going low, so i am deleting few junk / log files

Kindly let me know

1) is it safe to delete data of this directory -

/var/log/httpd/domains

The File names in above directory are such as - " domain.com.bytes "

As it is occupying 600 MB space

2) where can i delete much junk / temp files, to free up space.

View 5 Replies View Related

AWBS Vb Safe Mode

Aug 11, 2008

To Install www.awbs.com scripts to my server

How Can I Do This Following to one site on My server

safe_mode Off
allow_url_fopen On
session.auto_start Off

tell Me that i can do that from httpd config

View 4 Replies View Related

Php Safe Mode OFF And Security

Oct 2, 2007

I have found on one webhost that they have very cool feature:

Here is what they say:

Quote:

Browsing through any webhost related forum will reveal that giving safe mode off poses extreme security risk to the server. Because it offers hackers a great advantage to access any other members account or read their sensitive files which usually contain passwords.

But then some genuine scripts won't work with safe mode ON. Meaning you could turn it on per member requests but that takes lots of labor.

So we completely reprogrammed the safe mode PHP source code and recompiled it. As a result ours safe mode OFF is light-years safer & hacker-proof then standard PHP v5 safe mode ON.

So all our members are getting safe mode OFF, with harder security then those hosts who offer Safe Mode ON.

So now I am wondering, how they did that? I have searched forums and Google for lots of different keyword but haven't found anything.

I believe a lot of you running Apache as nobody and having php save mode OFF. It there any way you protect yourself? phpsuexec is not a solution now as it increasing load.

View 8 Replies View Related

Is It Safe To Put /usr/local/bin In Basedir

Nov 7, 2007

I am trying to assist a customer install a Dolphin CMS but it returns some "open_basedir restriction in effect" on /usr/local/bin/php (it needs the path to the PHP binary).

If I put /usr/local/bin/php in httpd.conf -> php_admin_value open_basedir "..." it seems to work and it finds the required binary but...is this safe?

View 10 Replies View Related

Calpop Not Work Safe

Sep 19, 2007

I stumbled upon this through google images...click as you wish. They are clothed, just riskay. And in calpop! LOL! I wonder who that guy is? Yes, off topic I know. Maybe a repost.

[url]

View 14 Replies View Related

Which Files In /var Are Safe To Delete

May 5, 2007

I have WHM 11.1.0 cPanel 11.2.1-C11635
FEDORA 4 i686 - WHM X v3.1.0

My /var partition is over 64% full. 2 directories in there show a lot of space being used.

One of these is /var/lib/mysql
du -h --max-depth=1 #
shows user accounts on the server with their database names. Are these just logs, or are they the actual databases? (Probably dumb newbie question)

The other big one is /var/log/munin Is there anything there I can delete?

View 14 Replies View Related

Seeking About Security & Safe Company

Apr 9, 2009

I need to ask, what's best company of Secuity and Safe servers.

So I hope any one can answer my seeking.

View 3 Replies View Related

What Is Safe Hosting: Dedicated, VPS Or Reseller

Aug 17, 2008

I had VPS from SolarVPS a year ago and I found that it requires full attention since it wasn't stable like dedicated server. So, I had to keep an eye on the server and websites where some technical problems happened. These problems like websites stopped working suddenly, email problems, Mysql permissions etc.

I totally agree that SolarVPS has a fantastic support and very quick. They supported me all over the past period. But, a week ago one of my client’s website was used for phishing Paypal customers and it seems like a hacker used the mailing script for this website. Therefore, SolrVPS stopped my VPS immediately and I am still keep on contacting Abuse Department to clarify the situation and resolve the problem. However, all my clients are down now because they are affected by stopping my VPS.

My question here, since I wasn't be able to administrate security or look after the websites at my VPS, what shall I do to have a rest of mind from these problems and concentrate on sales and light support?

Shall I go for dedicated? VPS again? Reseller? However, I always need root access to my server for my technical purposes.

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved