How Disable Phpinfo()
Apr 17, 2009when some one upload and load files with phpinfo()
he can see our server PHP Configuration.
how can us disable phpinfo()?
ADVERTISEMENT
How To Set SERVER_ADMIN On Phpinfo()?
Feb 9, 2007How do I set this Environment variable "SERVER_ADMIN" that I am seeing on phpinfo()?
View 1 Replies View RelatedPhpinfo.php.gif Executing Php
Mar 6, 2007Having this problem on chroot'ed sites in Ensim.
This is what I have in my php.conf:
Code:
[root@ns1 conf.d]# cat /etc/httpd/conf.d/php.conf
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#
LoadModule php5_module modules/libphp5.so
SetOutputFilter PHP
SetInputFilter PHP
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
This prevents file.php.gif from executing in a non-chrooted site, but in my chrooted sites, file.php.gif will execute as a PHP file. Any idea why? Some other config I have to change?
Enable Phpinfo()
Mar 27, 2007i give following error so how can i enable phpinfo()
Code:
warning : phpinfo() has been disabled for security reasons
Zend Won't Show Up In Phpinfo
Mar 31, 2008cat /proc/version
Linux version 2.6.23.15-80.fc7 (gcc version 4.1.2 20070925 (Red Hat 4.1.2-27)) #1 SMP Sun Feb 10 17:29:10 EST 2008
I installed Zend Optimizer (this is NOT a cpanel box to clarify)
1. Downloaded ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz
2. cd's into that directory
3. ./install.sh
No errors
[root@host ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
However, ZO does not show up in php info
php -v
PHP 5.2.4 (cli) (built: Sep 18 2007 08:50:58)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
with eAccelerator v0.9.5.2, Copyright (c) 2004-2006 eAccelerator, by eAccelerator
php -m
[Zend Modules]
eAccelerator
File: /usr/local/Zend/etc/php.ini
[Zend]
zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-3.3.3
zend_extension_manager.optimizer_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.3
zend_optimizer.version=3.3.3
zend_extension=/usr/local/Zend/lib/ZendExtensionManager.so
zend_extension_ts=/usr/local/Zend/lib/ZendExtensionManager_TS.so
Code:
[root@host lib]# ls -lh
total 32K
drwxr-xr-x 9 root root 4.0K 2008-03-28 20:27 Optimizer-3.3.3
drwxr-xr-x 7 root root 4.0K 2008-03-28 20:27 Optimizer_TS-3.3.3
-rwxr-xr-x 1 root root 11K 2008-03-31 16:21 ZendExtensionManager.so
-rwxr-xr-x 1 root root 11K 2008-03-31 16:21 ZendExtensionManager_TS.so
Centos 64bit Phpinfo
Jan 16, 2008anyone have a cpanel server running centos 64bit or fedora ? i would appreciate a phpinfo. then you can remove it afterwards i need to debug something in 2 of my servers.
View 3 Replies View RelatedZend Not Show In Phpinfo
Jun 22, 2008The issue starts after I reboot the server for another issue.
And then zend optimizer not show in phpinfo.
I have checked php -m and php -v,both normal.
[root@linux ~]# php -v
PHP 4.3.9 (cgi) (built: Sep 12 2007 11:09:31)
Copyright (c) 1997-2004 The PHP Group
Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies
with Zend Extension Manager v1.2.2, Copyright (c) 2003-2007, by Zend Technologies
with Zend Optimizer v3.3.0, Copyright (c) 1998-2007, by Zend Technologies
[root@linux ~]# php -m
[PHP Modules]
bcmath
bz2
calendar
ctype
curl
dba
dbx
dio
domxml
exif
ftp
gd
gettext
gmp
iconv
imap
ldap
mbstring
mime_magic
mysql
openssl
overload
pcntl
pcre
posix
pspell
session
shmop
sockets
standard
sysvsem
sysvshm
tokenizer
wddx
xml
yp
Zend Optimizer
zlib
[Zend Modules]
Zend Extension Manager
Zend Optimizer
But phpinfo page only show
This program makes use of the Zend Scripting Language Engine:
Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies
I am headache and try to reinstall Zend many times and reboot the server many times but not work.
Memory_limit Value Not Showing In Phpinfo
May 21, 2007in my php.ini I have:
memory_limit = 32M
but when I load a phpinfo() page, the setting is displayed nowhere.
Is there a reason for this ? I fear the setting is not taken in consideration by the server because of this.
Canonical Phpinfo() Link Thread
May 27, 2008I find that lots of hosts don't put the link to a phpinfo() script on their websites, even though that would save everyone a lot of unnecessary questions.
So I figure we should have a thread where people can add links to phpinfo scripts on their own hosts, or hosts where they happen to have the URL of a phpinfo script.
For those of you who own your own web hosting services, here's a chance to show off all your installed goodness, and all it takes is placing a simple link here (and put one in your FAQ section on your web site too, for the love of God)..
Since the forum doesn't allow editing your own posts (I still think that is nuts), please include all previous links in your post, so visitors will only need to read the LAST post to find all the updated links in one place.
Phpinfo Shows Wrong MySQL Version
Mar 25, 2008I have recently upgraded MySQL to 5.25
However, when I run phpinfo, I see the following:
mysql
MySQL Support enabled
Active Persistent Links 0
Active Links 0
Client API version 4.1.21
MYSQL_MODULE_TYPE external
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_INCLUDE -I/usr/include/mysql
MYSQL_LIBS -L/usr/lib/mysql -lmysqlclient
mysqli
MysqlI Support enabled
Client API library version 4.1.21
Client API header version 4.1.20
MYSQLI_SOCKET /var/lib/mysql/mysql.sock
Security Risk To Share Phpinfo File
Mar 10, 2007There are always people who would like to know what the php settings are on the server. Is it a security risk to share the phpinfo.php file on a website, with anybody who visits that website, able to view it?
View 4 Replies View RelatedHow To: Disable SSL 2.0 And Use SSL 3.0
Oct 20, 2008Our security comlience test got failed due to following reason
Synopsis:
The remote service encrypts traffic using a protocol with known weaknesses.
Description:
The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.
Solution:
Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. See for Apache.
We have Cpanel RHEL server. Please advise how to:
'disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. See for Apache.'
How To Disable RBL
Feb 20, 2008RBL is blocking every incoming email. While waiting for the admin. How to disable it?
View 3 Replies View RelatedDr Web - How To Disable It
May 11, 2008I can stop Dr Web from within Plesk Control panel, but every time server restarts - Dr Web is automatically started again.
Any possible way to disable it from running?
Also the same with Spam Assassin.
I am running CentOS
Disable SSL 2.0 And Use SSL 3.0
Nov 6, 2007I would like to disable SSL 2.0 and use SSL 3.0, my question how i can do this and which file i have to modify or i have to upgrade from SSL 2.0 to SSL 3.0 ?
View 2 Replies View RelatedWhy Disable Parse_ini_file
Jun 10, 2009I've seen for securing PHP recommends putting parse_ini_file() in the disable_functions line in php.ini but I cannot find an exact reason why. This being disabled is causing an error message to appear on some of my users sites but I'm trying to find a clear cut reason why it is disabled.
View 12 Replies View RelatedDisable Clamav
Mar 19, 2008How can I disable clamav on cpanel server and make sure that it's not running
because when clamav is running the outlook is not working so I have to restart clamav every time.
Disable Logrotate
Oct 25, 2009is it possible to disable log rotate? I can't seem to find the cron under my weeklys or dailys nor monthlys unless it's named "mad-db" but is there a way to make it say yearly? or just disable it all together? I say this because the script I use has a function already to clear the logs and when log rotate runs it kills all processes going by the script
View 8 Replies View RelatedDisable Auditd
May 24, 2009I have disabled auditd
Code:
root@server48 [~]# chkconfig --list |grep audit
root@server48 [~]# rpm -qa|grep audit
audit-libs-1.7.7-6.el5_3.3
audit-libs-1.7.7-6.el5_3.3
audit-libs-python-1.7.7-6.el5_3.3
root@server48 [~]# lsmod |grep audit
root@server48 [~]#
root@server48 [~]# ps aux|grep audit
root 532 0.0 0.0 0 0 ? S< May17 0:00 [kauditd]
root 20690 0.0 0.0 61180 740 pts/0 R+ 06:12 0:00 grep audit
root@server48 [~]#
I still get audit on /var/log/messages
Quote:
May 24 06:10:01 server48 kernel: type=1101 audit(1243163401.625:179651): user pid=19715 uid=0 auid=0 msg='PAM: accounting acct="root" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
May 24 06:10:01 server48 kernel: type=1101 audit(1243163401.716:179652): user pid=19716 uid=0 auid=0 msg='PAM: accounting acct="youtubet" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
May 24 06:10:02 server48 kernel: type=1101 audit(1243163402.087:179656): user pid=19719 uid=0 auid=0 msg='PAM: accounting acct="vidzboxc" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
How do i disable auditd completely?
How Disable Php On Cpanel
Jul 18, 2009any one can apply php scripts under cpanel like:
domain.com:2082/scripts.php
I have run phpinfo for looking for cpanel php.ini I have
Configuration File (php.ini) Path /usr/local/cpanel/3rdparty/etc
I renamed /usr/local/cpanel/3rdparty/etc to /usr/local/cpanel/3rdparty/etc.OLD
then restart the server I am still get cpanel php work and phpinfo give :
Configuration File (php.ini) Path /usr/local/cpanel/3rdparty/etc
how to disable cpanel php to prevent some one exploit php to hacking my server?
Disable Backup
Apr 9, 2009i wanna disable the backup from cpanel for one user only
how i can do that?
i wont him take full backup from the cpanle.
Disable FTP In CPanel/WHM
Apr 13, 2008I've a VPS to run my only one website. As I don't use ftp, I'd like to know how to disable it.
I tried WHM -> Service Configuration -> Service Manager, then uncheck ftpd, but it's still there
Disable WHM/Cpanel
Jul 29, 2008I want to disable WHM/Cpanel.because client purchase dedicate server from us and he want to access from command line and no WHM/Cpanel so how can i do it and it will be effect on any service because i have installed all the service like dns, exim and http from WHM.
View 3 Replies View RelatedHow To Disable A Contain With Mod_security
May 7, 2008How can i disable some words from the contain of the page by Mod_Security2?
View 6 Replies View RelatedDisable FTP For Specified Time
Oct 30, 2008Does is possible to disable ftp capabilities of several websites run by cron at some specified time of the day? then re-enable it automatical at a certain time also?
View 7 Replies View RelatedHow Do I Disable IPTables?
Dec 5, 2008I installed APF/BFD a log time ago on my centos server and have had no problems up until now.
Approx 3 days ago, the server was uncontactable by SSH/HTTP/FTP. So I ran a traceroute and the host confirmed the box was up with no problems.
He disabled IPTables and I was allowed in. Anyway, overnight, the same thing has happenned again.
I will have to SSH in from another IP however, my main question is how do I disable IPTables ? Or better still, how do I uninstall APF!
Disable Email
Feb 20, 2008I got the problem with email running on my server.
That mean, I using my domain email service with other server. Now I hosted a website for this domain on one other server.
Note that the IP for domain and email domains are different (Using managed domain service)
But I got the problem now when email sending from the server (using php email function ) with the website running that will confusing, not sending anymore.
Don't know that you understand my case. But I want to stop email service for this domain on my server, all email just send and receive through other email server.
How can I setup or configure it through SSH?
How To Disable This Message
Apr 9, 2007I have placed .htaccess to block some ip, when the person ip matches, my server will gives this message "client denied by server configuration", got lots of them everday in my error log, how can I disable this message? I need other error log message but not this message, is there any way I can disable it?
using centos and plesk.
How Do I Disable Apache
Apr 6, 2008I have Apache 2.2 using cPanel 11 how do I disable apache I was sure it was using this cmd, /etc/httpd/conf/httpd.conf off When I try that I get permission denied and im logged in with root! I also tried this /etc/httpd/conf/httpd.conf chmod 777 permission denied again. Anyways, I need to disable Apache so LiteSpeed will work and I can dump Apache the unforgiven pos that will dos it recieves a request to visit a webpage. (That is over doing it, Apache is really good just if it gets hit it's down easy.)
View 9 Replies View RelatedDisable Function
Dec 3, 2008It possible to disable the disable function for all user expect one account for running few application i need shell_exec, passthru, exec these so for other account it possible to disable it?
View 2 Replies View RelatedDisable Php Functions
Sep 15, 2007Does the below look good for a private server (linux, cpanel, phpsuexec disabled)?
disable_functions = show_source, system, shell_exec, passthru, phpinfo, popen, proc_open
What about a shared hosting server (linux, cpanel, phpsuexec *enabled*)?
disable_functions = show_source, system, shell_exec, passthru, phpinfo, popen, proc_open