Prevent Server owner from tempering with Php Configuration

What method of PHP execution are you using? mod_php or FCGId?

The option you changed states this in the help text:

This is implemented by making the domain's ~/etc/php.ini file editable only by the root Unix user.

Can you verify if the user's php.ini is correctly created after you change the option? Also, note that changing that option only applies to newly created domains, it will not change the file owner of existing domains.

If you use FCGId, which it looks like, users can always change php.ini files no matter what is disabled in virtualmin.
Because as being the owner of files and folders they can rename the appropiate folder too and insert their own php.ini in a newly created php folder. Also they could create a php.ini in their public root.

However to discourage you can mute the files with chattr +i, not even root can change the file then. Create an immutable.sh with following code

cd /home ; find -type f -name php.ini -maxdepth 4  | awk {'print "chattr +i "$1'} |sh
cd /home ; find -type d -name etc -maxdepth 2 | awk {'print "chattr +i "$1'} |sh
cd /home ; find -type f -name php5.fcgi | awk {'print "chattr +i "$1'} |sh 
cd /home ; find -type d -name fcgi-bin -maxdepth 2 | awk {'print "chattr +i "$1'} |sh

and create one mutable.sh with all +i instances replaced by -i
add a rule in virtualmin: command to run before creating a virtual server and tell it to run the mutable.sh, also command to run after creation of a virtual server and tell it to run the immutable.sh

I was trying to do the same few days ago. My users have no SSH access so I just put .ftpaccess file to every directory I want them not to visit. The file contains just DenyAll. All is prepared in /etc/skel to be applied for every new server.