This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

Configure Virtual server to not load additional php ini file

3 posts / 0 new

Topic locked

Last post

#1 Tue, 03/20/2012 - 23:52

rogeriobrito

Configure Virtual server to not load additional php ini file

Hello,

I have several virtual servers on my box, and a sometime ago one of the virtual servers was hacked. To quickly disable some php functions I added a /etc/php.d/myconf.php file, that contains:

expose_php = Off
disable_functions = show_source, system, shell_exec, passthru, exec, popen, proc_open
session.cookie_httponly = 1

After restarting apache those configs were applied to all virtual servers, very good!

The problem is I have one specific virtual server that needs the "exec" function. So the question is, how do I re-enable the "exec" function only to that virtual server?

Thank you

Rogerio

#2 Wed, 03/21/2012 - 08:40

andreychek

Howdy,

Well, could you just disable it for that one Virtual Server... you could add the code to disable it to their own php.ini file in $HOME/etc/php.ini.

Most hackers or bots that break into websites don't look in there to try and change the php.ini, so chances are that would continue to work fine, and it would allow your other sites to use those functions.

-Eric

#3 Thu, 03/22/2012 - 15:33

rogeriobrito

Hi Eric,

Actually, it's the other way around. I want to block the functions for all servers, except one. With a custom /etc/php.d/myconf.ini I could block it for all servers, now I have to enable the funcion on only one virtual server. I've tried editing the local php.ini with a different disable_functions setting, but it didn't work. Is there a way to do it without having to edit the php.ini for all the servers? Thanks - Rogerio

Topic locked