Jump to content

dangerous php functions in shared host


Recommended Posts

Posted

hi all, I think I have a problem with my host's provider.
seeing this now known notification:

"Some functions are enabled on your server which have the potential to cause serious damage to your community or server. If you are in a shared hosting environment, some of these functions may bypass the restrictions which prevent one account on the server affecting another. Their presence also increases the amount of damage that could be caused if your AdminCP is compromised.

Since Invision Community, and most other web applications do not use these functions, we recommend disabling them on your server, at least within the directory that your community is installed in. You should contact your hosting provider or system administrator and ask them to be added to the disable_functions PHP setting.

exec system passthru pcntl_exec popen proc_open shell_exec"

I asked to my host provider if he could eliminate the dangerous php functions, unfortunately I can't do it because I'm on a shared cloud host.
my provider, however, replied that it could not delete the functions because it would affect the whole host.
so I asked to delete them only for me in a specific directory, but I received a negative answer.
could you tell me the exact procedure to exclude those functions from a directory? I created a custom php.ini in public_html with the disable_functions command but it doesn't seem to work.
Thanks in advance

Posted

Some hosts allow you to override server-level config on a per-directory basis and some don't. Sometimes a php.ini file is used (and it needs to be in every single one of your directories) and sometimes an .htaccess file can be used. Unfortunately your host would need to tell you what method(s) are available to you to override the server config in your directory.

Ultimately though, this is just a recommendation - you can ignore it if your host is unable or unwilling to disable the functions.

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...