Some Functions Is Disabled.
Jun 29, 2007
My vps managed service has disabled this functions in php.ini :
Code:
exec, shell_exec, system, passthru,popen, virtual, show_source, pclose
I asked them why these disabled and the answer was "because of security reasons" .
So for example a Joomla installation with working RSS needs some of these functions and when I install vary php programs I face some strnge problems that I think it may be from these disabilities .
So my question is could these functions usually be disabled ? and may I delete them from disable_functions of php.ini
View 7 Replies
ADVERTISEMENT
Jul 4, 2008
i have disbaled many functions in php.ini settings ! for security!
but i need to use some of the functions for my billing System!
how can i enable all the functions just for an account? or a directory!
View 0 Replies
View Related
Aug 7, 2007
is it possible to set the disabled functions list for PHP in apache's HTTPD.conf per virtual host? i want a bunch of functions disabled for everyone except the default host (me).
I tried the php_admin_value way and when i look at phpinfo() it shows that the master is disabled and the local is not disabled (exactly what i want) but they arnt actually enabled for me
View 14 Replies
View Related
Jul 26, 2007
about DNS functions. I know what the DNS is, but some part of it I am confused.
Here is situation.
AAA.com - Master
BBB.com - Reseller
Now, BBB's clients point their DNS to ns1.BBB.com, ns2.BBB.com
However, when I check BBB's whois, it shows BBB has ns1.AAA.com, ns2.AAA.com
So, BBB's clients know BBB is reseller. How can I show ns1.BBB.com, ns2.BBB.com?
I believe it's DNS function, right?
so I tried to edit DNS following:
Domain TTL Recordtype
BBB.com 86400 NS ns1.BBB.com (default was ns1.AAA.com)
BBB.com 86400 NS ns1.BBB.com (default was ns2.AAA.com)
Is it correct?
however, I checked BBB's whois, but it's still showing up ns1.AAA.com, ns2.AAA.com
View 3 Replies
View Related
Nov 24, 2008
It seems that some tsearch2 functions are inaccessible such as a set of rank() funcs. The default definition for one of the functions is shown in the following snippet of
code:
CREATE OR REPLACE FUNCTION rank(real[], tsvector, tsquery)
RETURNS real AS
'$libdir/tsearch2', 'rank'
LANGUAGE 'c' IMMUTABLE STRICT;
I've tried to execute this script shown above and got the following error:
ERROR: permission denied for language c
rpm -qa | grep postgresql
postgresql-devel-8.3.5-1PGDG.rhel4
postgresql-server-8.3.5-1PGDG.rhel4
postgresql-8.3.5-1PGDG.rhel4
postgresql-libs-8.3.5-1PGDG.rhel4
postgresql-plpython-8.3.5-1PGDG.rhel4
View 2 Replies
View Related
Sep 15, 2007
Does the below look good for a private server (linux, cpanel, phpsuexec disabled)?
disable_functions = show_source, system, shell_exec, passthru, phpinfo, popen, proc_open
What about a shared hosting server (linux, cpanel, phpsuexec *enabled*)?
disable_functions = show_source, system, shell_exec, passthru, phpinfo, popen, proc_open
View 2 Replies
View Related
Aug 26, 2007
My site is running with php scripts It's work fire at bluehost but get some error when i move to new VPS .
Quote:
Warning: fputs(): supplied argument is not a valid stream resource in /home/xxx/public_html/home/admin/update_categories.php on line 171
Warning: fclose(): supplied argument is not a valid stream resource in /home/xxx/public_html/home/admin/update_categories.php on line 173
Warning: fputs(): supplied argument is not a valid stream resource in /home/xxx/public_html/home/admin/update_categories.php on line 225
Warning: fclose(): supplied argument is not a valid stream resource in /home/xxx/public_html/home/admin/update_categories.php on line 227
I want to enable these functions fopen(),fputs(),fclose(),fputs(),fclose() but i don't know how to enable them .Could you tell me details
View 2 Replies
View Related
Jun 24, 2009
Are there companies out there that allow unlimited emailing capabilities on a VPS server? What kind of budget would be best to get this capability? Am I better of going with a dedicated server?
View 1 Replies
View Related
Jun 10, 2009
Is it possible to disable mod_security and open_basedir thru .htaccess if both are enabled in server configuration?
View 3 Replies
View Related
Apr 23, 2009
In the php.ini ive disabled several functions for security reasons but i need to enable exec() and shell_exec() for WHMCS Status, but i dont want it enabled for anything or anyone else. I know you can over ride global php.ini but i preferably dont want that on and also i forgot where that option is but i was wondering if there was any work arounds or would i have to enable exec() and shell_exec() globally or enable php.ini override.
View 3 Replies
View Related
Jul 29, 2007
When dealing with the security of your server you will eventually get to the part were you will want to disable some php functions. The only problem on shared hosting is that you cannot disable exec for a domain and enable that function for an other that needs it because of some lame script. Eventually you will get to the part were you will need to enable exec on the entire server because of one site.
There is a solution to this and it’s called suhosin.
Suhosin has a configuration variable called ”suhosin.executor.func.blacklist” which can be used to disable some php functions. The difference between this variable and disable_functions in php.ini is that it can be set for all the sites and then it can be modified for a domain only (it can be overwritten) so you will be able to disable exec on the entire server and enable that function for a single domain.
I will not write here how to install suhosin.
Also, you only need the extension for this so you do not need to patch php and recompile.
IMPORTANT: I have noticed that the suhosin extension 0.9.20 will not work anymore as there are some problems with it. It’s ok as long as we have 0.9.18. Probably the next version of the extension will be fixed to work ok again so remember to use version 0.9.18 for this until the problem is fixed.
Ok, so to use suhosin as the php function blocker we need to comment out disable_functions in php ini (yes, enable all the functions) and then set in php.ini
suhosin.executor.func.blacklist to something like this:
suhosin.executor.func.blacklist = exec, passthru, shell_exec, system, pcntl_exec, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg
You can add as many functions as you like.
After that, all the functions added in suhosin.executor.func.blacklist will not work anymore in php scripts. If you need to enable a function for a domain, let’s say
exec, you will have to edit apache configuration file and add suhosin.executor.func.blacklist without the exec function:
<VirtualHost 127.0.0.1>
ServerAlias www.test.com
ServerAdmin webmaster@test.com
DocumentRoot /home/test/public_html
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg"
</VirtualHost>
Now exec is disable on the server but it’s enabled on the test domain.
View 0 Replies
View Related
Mar 16, 2008
how to make MySQL functions in PHP in server,bcz when i intall VB in my dedicated server it comeing is there is any option in WHM to chnage these funtion!
View 14 Replies
View Related
Jun 13, 2008
How to disable those functions on VPS with Lxadmin and CentOS 5
show_source, system, shell_exec, passthru, exec,
phpinfo, popen, proc_open, base64_decode, base64_encodem, proc_terminate
View 9 Replies
View Related
Aug 17, 2014
I'm using Parallels Plesk 12.0 and a mysql-Server.
I'm logged in with a customer's account into his phpmyadmin. Whenever a client connects to his website (which uses the database of his account) I get logged out and receive a "session expired" error. When I log in again I get "there's already a user with your username logged in".
View 4 Replies
View Related
Oct 23, 2008
I went with the cheapest VPS, no control panel and installed webmin myself (done - saves a quid a month )
I have now setup the virtual domains for multiple domain hosting, to find whilst migrating a website that the current install of php (5.12ish) has --without-mysql
so i got the php install files, went to run ./config to find i'm missing required files
(configure: error: Could not find pcre.h in /usr)
which in turn required more files
the resolution rpms are out of the question too many, I need YUM
yet...
bash: yum: command not found
strange as centos comes with yum i thaught
support is busy, thaught i'd try here
-------------------------------------------------
Me:
Web Designer
Only linux experience prior is Yellow Dog Linux
No prior experience in VPS
VPS:
centos 5
minimum spec
now with webmin
View 7 Replies
View Related
Feb 7, 2008
Last night MySQL Crashed, and when the guy that I share the server with found out, he simply restarted the server (because he doesnt know any better). I went to check my email this morning and it wasnt connecting, I assumed the pop3 server or exim was in need of a restart, but when I went to restart pop3, this came up:
Attempting to restart cppop
Waiting for cppop to restart.... . . . . . . . . . . finished.
cppop status
couriertcpd is disabled
Service: [cppop] has been disabled by the sys admin
So, I re-enabled cppop (can't imagine why it would have disabled itself) and still nothing, I looked up couriertcpd to re-enable as well, but found nothing about enabling/disabling it on google.
View 1 Replies
View Related
May 20, 2007
I am hosted at EuroVPS from my reseller. I have noticed that my disk space has high usage 150MB whereas real usage should be around 30MB. Then I tried report service which stated disk usage is 30MB and Log report is 120MB. I said no problem let delete those Log files where I bumped to a problem, Log rotation is disabled and there is no X (delete button). In few years I could reach to maximum disk usage and disabilty to upload files and etc..
What to do now? I don't have password for support at EuroVPS since I am not reseller and my reseller isn't replying).
View 3 Replies
View Related
Oct 15, 2009
Recently your account was utilizing excessive resources and putting load on server, making it unstable. Details are as follows:
A detail of the problem is shown below as:
CPU: 4.34 %
Memory: 0.97 %
Mysql: 4.1 %
My account information:
Disk Space Usage 2642.17 Megabytes
MySQL Disk Space 27.80 Megabytes
Bandwidth (this month) 13591.15 Megabytes
After Lunarpages disabled my index.php file to shut down my site, I transferred my download files to an Online Hard Disk -- Skydrive. With only dozens of IPs per day, the CPU usage will not be excessive.
I don't know if this can solve the problem and let them open my site again. Now with almost two days passed, and still no reply, I get worried.
View 14 Replies
View Related
Dec 5, 2008
My happiness with Innohosting (as a reseller) has come to a screeching halt when I found they've disabled exec(). This has sunk my plans to use Typo3 and Gallery for a website I'm creating for a client as they use Imagemagick through exec(). Rather than reconfigure them to use gdlib (possible?) instead, I'm inclined to look for a host that allows exec().
I've asked Innohosting about applying the PHP exec_dir patch found here:[url]
And discussed here:[url]
I'm waiting for them to get back to me. I hope it's a solution as Innohosting seem great otherwise.
Failing all else, how many hosts have PHP exec() disabled? Is this common?
View 7 Replies
View Related
Sep 26, 2008
I hosted three domains in dreamhost for at least two years. Several days ago, some guy (registered in one of my websites) complained to dreamhost that I was sending a spam email to him and then Dreamhost disabled my account. I don't even have access to my data now.
The email I sent to that guy was just a regular newsletter of my website. The dreamhost staff Karl said that I should provide proof that users of my website should have confirmation on their registration and I should record their registration IP as well as registration date. Well, my website indeed was designed with such feature. After registration, users will receive a confirmation email on their registration. They should click on a link in the email to activate their account. And we designed the database so that the registration IP and date will be recorded.
However, the dreamhost staff said that not all the fields of IP&date are filled with data, some are blank. Then it must be the problem of our PHP script, not our original purpose, because we designed the database for that.
Now dreamhost disabled my account forever. No response for my emails with questions. No backup for my data that I worked for everyday. I just can't ever believe such a famous hosting provider would act like this. I don't even have a chance to have my data back. I don't even have a chance to correct my PHP script so that the problem will not occur any more.
View 14 Replies
View Related
May 13, 2008
i have share account ssh my friends, but my friend had been disable ftp by firewall. how to reopen sevices ftp and remove rules disable ftp.
View 5 Replies
View Related
Jul 2, 2007
If APF is running, but iptables is not. Will it then even work if it's not in monolythic kernel?
When i check the iptables status, i see: # service iptables status
Firewall is stopped.
Someone is assisting me with security installs on my server, and he told me it's is normal? I thought APF is an iptables based script, so iptables must be enabled?
View 0 Replies
View Related
Jul 22, 2007
I'm running into a strange problem. I've copied this code from rentyourdot.com and it uses curl and also file_get contents. I keep seeing this:
Warning: include() [function.include]: URL file-access is disabled in the server configuration in
Now i have access to change anything on the server, and both these are set to on in phpinfo.
allow_url_fopen = On
allow_url_include = On
I also have another script that uses file_get_contents to get a remote url and its working fine. Any clue why its even coming up with that error?
View 1 Replies
View Related
Oct 24, 2009
im able to login to root via SU perfectly
One problem: All my old files and folders are owned by ROOT so that means my SU account named XXX cant edit/add/delete anything from my SFTP because of folder/file permission.
Is there anyway my SUDO(wheel) account can still edit these files own by ROOT?
View 3 Replies
View Related
Dec 31, 2007
I have problem with one of our clients, they have disabled network card and of course lost access to windows server. After reboot it looks that it doesn;t auto-start net.
Server is at ovh and there is problem with theirs support (they don;t support windows - or maybe they don;t know how to click on network card at enable).
We have started kvm but it is activated in some virtual network and in network connections is only some "local connection 2" with local address 10.x.x.x
How we can remotly enable/restore network after normal system start ?
Is there any command that we can add to autostart that can enable network, or maybe there is some another way to fix this (change some registry key that network will be activate after restart or sth).
View 2 Replies
View Related
Dec 15, 2014
We are having an issue with websites randomly getting disabled within our PPA system. There doesn't seem to be any reason why they are getting disabled. Our PPA is not tied to a billing system that would make them shut off. Turning them back on works fine but it shouldn't be just shutting them off.
View 2 Replies
View Related
Dec 7, 2008
server outside of US has this ping bellow
Is this OK? or painful for users to reach it?[url]
View 12 Replies
View Related
Jul 3, 2008
Currently I have a server that has direct root SSH access disabled (have to login as regular user then su to root), but I am currently working on setting up authentication via SSH keys, but I can't seem to get it working with direct root SSH access disabled? Is this normal, and if so is there anyway to work around it?
Basically I'd like to be able to authenticate both ways; both with SSH keys or by logging in as a regular user and su to root.
View 8 Replies
View Related