Disable Php Functions

Sep 15, 2007

Does the below look good for a private server (linux, cpanel, phpsuexec disabled)?

disable_functions = show_source, system, shell_exec, passthru, phpinfo, popen, proc_open

What about a shared hosting server (linux, cpanel, phpsuexec *enabled*)?

disable_functions = show_source, system, shell_exec, passthru, phpinfo, popen, proc_open

View 2 Replies


ADVERTISEMENT

Disable Functions In .htaccess

Jun 10, 2009

Is it possible to disable mod_security and open_basedir thru .htaccess if both are enabled in server configuration?

View 3 Replies View Related

PHP Disable Functions Override

Apr 23, 2009

In the php.ini ive disabled several functions for security reasons but i need to enable exec() and shell_exec() for WHMCS Status, but i dont want it enabled for anything or anyone else. I know you can over ride global php.ini but i preferably dont want that on and also i forgot where that option is but i was wondering if there was any work arounds or would i have to enable exec() and shell_exec() globally or enable php.ini override.

View 3 Replies View Related

How-to Disable Php Functions Per Domain

Jul 29, 2007

When dealing with the security of your server you will eventually get to the part were you will want to disable some php functions. The only problem on shared hosting is that you cannot disable exec for a domain and enable that function for an other that needs it because of some lame script. Eventually you will get to the part were you will need to enable exec on the entire server because of one site.

There is a solution to this and it’s called suhosin.

Suhosin has a configuration variable called ”suhosin.executor.func.blacklist” which can be used to disable some php functions. The difference between this variable and disable_functions in php.ini is that it can be set for all the sites and then it can be modified for a domain only (it can be overwritten) so you will be able to disable exec on the entire server and enable that function for a single domain.

I will not write here how to install suhosin.

Also, you only need the extension for this so you do not need to patch php and recompile.

IMPORTANT: I have noticed that the suhosin extension 0.9.20 will not work anymore as there are some problems with it. It’s ok as long as we have 0.9.18. Probably the next version of the extension will be fixed to work ok again so remember to use version 0.9.18 for this until the problem is fixed.

Ok, so to use suhosin as the php function blocker we need to comment out disable_functions in php ini (yes, enable all the functions) and then set in php.ini
suhosin.executor.func.blacklist to something like this:

suhosin.executor.func.blacklist = exec, passthru, shell_exec, system, pcntl_exec, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg

You can add as many functions as you like.

After that, all the functions added in suhosin.executor.func.blacklist will not work anymore in php scripts. If you need to enable a function for a domain, let’s say
exec, you will have to edit apache configuration file and add suhosin.executor.func.blacklist without the exec function:

<VirtualHost 127.0.0.1>
ServerAlias www.test.com
ServerAdmin webmaster@test.com
DocumentRoot /home/test/public_html

php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg"

</VirtualHost>

Now exec is disable on the server but it’s enabled on the test domain.

View 0 Replies View Related

Disable Functions :: Show_source, System, Shell_exec, Passthru, Exec ...

Jun 13, 2008

How to disable those functions on VPS with Lxadmin and CentOS 5
show_source, system, shell_exec, passthru, exec,
phpinfo, popen, proc_open, base64_decode, base64_encodem, proc_terminate

View 9 Replies View Related

DNS Functions

Jul 26, 2007

about DNS functions. I know what the DNS is, but some part of it I am confused.

Here is situation.
AAA.com - Master
BBB.com - Reseller

Now, BBB's clients point their DNS to ns1.BBB.com, ns2.BBB.com
However, when I check BBB's whois, it shows BBB has ns1.AAA.com, ns2.AAA.com

So, BBB's clients know BBB is reseller. How can I show ns1.BBB.com, ns2.BBB.com?

I believe it's DNS function, right?
so I tried to edit DNS following:

Domain TTL Recordtype
BBB.com 86400 NS ns1.BBB.com (default was ns1.AAA.com)
BBB.com 86400 NS ns1.BBB.com (default was ns2.AAA.com)

Is it correct?
however, I checked BBB's whois, but it's still showing up ns1.AAA.com, ns2.AAA.com

View 3 Replies View Related

Tsearch Functions

Nov 24, 2008

It seems that some tsearch2 functions are inaccessible such as a set of rank() funcs. The default definition for one of the functions is shown in the following snippet of

code:
CREATE OR REPLACE FUNCTION rank(real[], tsvector, tsquery)
RETURNS real AS
'$libdir/tsearch2', 'rank'
LANGUAGE 'c' IMMUTABLE STRICT;
I've tried to execute this script shown above and got the following error:
ERROR: permission denied for language c
rpm -qa | grep postgresql
postgresql-devel-8.3.5-1PGDG.rhel4
postgresql-server-8.3.5-1PGDG.rhel4
postgresql-8.3.5-1PGDG.rhel4
postgresql-libs-8.3.5-1PGDG.rhel4
postgresql-plpython-8.3.5-1PGDG.rhel4

View 2 Replies View Related

Some Functions Is Disabled.

Jun 29, 2007

My vps managed service has disabled this functions in php.ini :

Code:
exec, shell_exec, system, passthru,popen, virtual, show_source, pclose
I asked them why these disabled and the answer was "because of security reasons" .

So for example a Joomla installation with working RSS needs some of these functions and when I install vary php programs I face some strnge problems that I think it may be from these disabilities .

So my question is could these functions usually be disabled ? and may I delete them from disable_functions of php.ini

View 7 Replies View Related

How To Enable These Functions

Aug 26, 2007

My site is running with php scripts It's work fire at bluehost but get some error when i move to new VPS .

Quote:

Warning: fputs(): supplied argument is not a valid stream resource in /home/xxx/public_html/home/admin/update_categories.php on line 171

Warning: fclose(): supplied argument is not a valid stream resource in /home/xxx/public_html/home/admin/update_categories.php on line 173

Warning: fputs(): supplied argument is not a valid stream resource in /home/xxx/public_html/home/admin/update_categories.php on line 225

Warning: fclose(): supplied argument is not a valid stream resource in /home/xxx/public_html/home/admin/update_categories.php on line 227

I want to enable these functions fopen(),fputs(),fclose(),fputs(),fclose() but i don't know how to enable them .Could you tell me details

View 2 Replies View Related

Unlimited Emailing Functions On VPS

Jun 24, 2009

Are there companies out there that allow unlimited emailing capabilities on a VPS server? What kind of budget would be best to get this capability? Am I better of going with a dedicated server?

View 1 Replies View Related

How To Make MySQL Functions In PHP In Server

Mar 16, 2008

how to make MySQL functions in PHP in server,bcz when i intall VB in my dedicated server it comeing is there is any option in WHM to chnage these funtion!

View 14 Replies View Related

Enable The Disabled Functions For An Account

Jul 4, 2008

i have disbaled many functions in php.ini settings ! for security!

but i need to use some of the functions for my billing System!

how can i enable all the functions just for an account? or a directory!

View 0 Replies View Related

PHP Disabled Functions (HTTPD.conf)

Aug 7, 2007

is it possible to set the disabled functions list for PHP in apache's HTTPD.conf per virtual host? i want a bunch of functions disabled for everyone except the default host (me).

I tried the php_admin_value way and when i look at phpinfo() it shows that the master is disabled and the local is not disabled (exactly what i want) but they arnt actually enabled for me

View 14 Replies View Related

Plesk 12.x / Linux :: Session Expires When Client Uses Mysql Functions?

Aug 17, 2014

I'm using Parallels Plesk 12.0 and a mysql-Server.

I'm logged in with a customer's account into his phpmyadmin. Whenever a client connects to his website (which uses the database of his account) I get logged out and receive a "session expired" error. When I log in again I get "there's already a user with your username logged in".

View 4 Replies View Related

How To: Disable SSL 2.0 And Use SSL 3.0

Oct 20, 2008

Our security comlience test got failed due to following reason

Synopsis:
The remote service encrypts traffic using a protocol with known weaknesses.

Description:
The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.

Solution:
Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. See for Apache.

We have Cpanel RHEL server. Please advise how to:

'disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. See for Apache.'

View 12 Replies View Related

How To Disable RBL

Feb 20, 2008

RBL is blocking every incoming email. While waiting for the admin. How to disable it?

View 3 Replies View Related

Dr Web - How To Disable It

May 11, 2008

I can stop Dr Web from within Plesk Control panel, but every time server restarts - Dr Web is automatically started again.

Any possible way to disable it from running?

Also the same with Spam Assassin.

I am running CentOS

View 0 Replies View Related

Disable SSL 2.0 And Use SSL 3.0

Nov 6, 2007

I would like to disable SSL 2.0 and use SSL 3.0, my question how i can do this and which file i have to modify or i have to upgrade from SSL 2.0 to SSL 3.0 ?

View 2 Replies View Related

Why Disable Parse_ini_file

Jun 10, 2009

I've seen for securing PHP recommends putting parse_ini_file() in the disable_functions line in php.ini but I cannot find an exact reason why. This being disabled is causing an error message to appear on some of my users sites but I'm trying to find a clear cut reason why it is disabled.

View 12 Replies View Related

Disable Clamav

Mar 19, 2008

How can I disable clamav on cpanel server and make sure that it's not running

because when clamav is running the outlook is not working so I have to restart clamav every time.

View 6 Replies View Related

Disable Logrotate

Oct 25, 2009

is it possible to disable log rotate? I can't seem to find the cron under my weeklys or dailys nor monthlys unless it's named "mad-db" but is there a way to make it say yearly? or just disable it all together? I say this because the script I use has a function already to clear the logs and when log rotate runs it kills all processes going by the script

View 8 Replies View Related

How Disable Phpinfo()

Apr 17, 2009

when some one upload and load files with phpinfo()

he can see our server PHP Configuration.

how can us disable phpinfo()?

View 13 Replies View Related

Disable Auditd

May 24, 2009

I have disabled auditd

Code:
root@server48 [~]# chkconfig --list |grep audit
root@server48 [~]# rpm -qa|grep audit
audit-libs-1.7.7-6.el5_3.3
audit-libs-1.7.7-6.el5_3.3
audit-libs-python-1.7.7-6.el5_3.3
root@server48 [~]# lsmod |grep audit
root@server48 [~]#
root@server48 [~]# ps aux|grep audit
root 532 0.0 0.0 0 0 ? S< May17 0:00 [kauditd]
root 20690 0.0 0.0 61180 740 pts/0 R+ 06:12 0:00 grep audit
root@server48 [~]#

I still get audit on /var/log/messages

Quote:

May 24 06:10:01 server48 kernel: type=1101 audit(1243163401.625:179651): user pid=19715 uid=0 auid=0 msg='PAM: accounting acct="root" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
May 24 06:10:01 server48 kernel: type=1101 audit(1243163401.716:179652): user pid=19716 uid=0 auid=0 msg='PAM: accounting acct="youtubet" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
May 24 06:10:02 server48 kernel: type=1101 audit(1243163402.087:179656): user pid=19719 uid=0 auid=0 msg='PAM: accounting acct="vidzboxc" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'

How do i disable auditd completely?

View 1 Replies View Related

How Disable Php On Cpanel

Jul 18, 2009

any one can apply php scripts under cpanel like:

domain.com:2082/scripts.php
I have run phpinfo for looking for cpanel php.ini I have
Configuration File (php.ini) Path /usr/local/cpanel/3rdparty/etc
I renamed /usr/local/cpanel/3rdparty/etc to /usr/local/cpanel/3rdparty/etc.OLD
then restart the server I am still get cpanel php work and phpinfo give :
Configuration File (php.ini) Path /usr/local/cpanel/3rdparty/etc
how to disable cpanel php to prevent some one exploit php to hacking my server?

View 5 Replies View Related

Disable Backup

Apr 9, 2009

i wanna disable the backup from cpanel for one user only

how i can do that?

i wont him take full backup from the cpanle.

View 4 Replies View Related

Disable FTP In CPanel/WHM

Apr 13, 2008

I've a VPS to run my only one website. As I don't use ftp, I'd like to know how to disable it.

I tried WHM -> Service Configuration -> Service Manager, then uncheck ftpd, but it's still there

View 6 Replies View Related

Disable WHM/Cpanel

Jul 29, 2008

I want to disable WHM/Cpanel.because client purchase dedicate server from us and he want to access from command line and no WHM/Cpanel so how can i do it and it will be effect on any service because i have installed all the service like dns, exim and http from WHM.

View 3 Replies View Related

How To Disable A Contain With Mod_security

May 7, 2008

How can i disable some words from the contain of the page by Mod_Security2?

View 6 Replies View Related

Disable FTP For Specified Time

Oct 30, 2008

Does is possible to disable ftp capabilities of several websites run by cron at some specified time of the day? then re-enable it automatical at a certain time also?

View 7 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved