Dangerous PHP functions

[Egorkin]

The forum said that I have dangerous PHP functions enabled. I opened the message and thought they would be listed there. But NO! Then why the message? It carries no information in this form.

I have banned, but what is missing?

disable_functions = escapeshellarg, escapeshellcmd, exec, ini_alter, parse_ini_file, passthru, pcntl_exec, popen, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, show_source, shell_exec, symlink,system;

[CoffeeCake]

IPS checks for 'exec', 'system', 'passthru', 'pcntl_exec', 'popen', 'proc_open', 'shell_exec'. Where are you putting the disable_functions statement? It must be in the PHP ini file and cannot be in your web server's configuration (i.e. not in apache's configuration, or .htaccess, etc.).

Output phpinfo() and be sure you're setting it in the file indicated.

https://www.php.net/manual/en/ini.core.php#ini.disable-functions

Edited September 23, 2020 by Paul E.

[Egorkin]

8 hours ago, Paul E. said:

Where are you putting the disable_functions statement?

In php. ini of course! 🧒

8 hours ago, Paul E. said:

Output phpinfo() and be sure you're setting it in the file indicated.

I have a complaint about IPS. Why do they not display exactly what the error is, but just "you have an error" (it turns out where you want there and look for your problems)?

[bfarber]

Some errors are caused by things that do not need to be communicated to end users. Each error has an error code, however, which allows us to look up the problem at the code level more specifically. Sometimes errors also log more details to the system logs.

Where are you seeing "You have an error"? What is the error code, and if you view the system logs in the AdminCP (use the live search to look for "System Logs") do you see any related logs?

[CoffeeCake]

@Egorkin, one thing that stands out is that there's no space between symlink and system, while all of the other functions have a space in between. I'm not sure if that matters to php, but just making an observation of something that stands out as different.

[Davyc]

7 hours ago, Egorkin said:

In php. ini of course! 

If you are on a shared server then the php.ini file may not be recursive - which means that you will need to add that php.ini file to every folder to ensure those commands are executed at every level.  Some hosts have recursive php.ini files, but many don't.  Add the php.ini file into your admin folder and see if the error goes away, if it does then your php.ini file is NOT recursive.  Don't assume that because the error has gone away by adding the php.ini file in the admin folder that it has worked, it has just worked in the admin folder, so it won't be effective everywhere.  I had this same issue on the shared hosting server I use and I had to add the php.ini file to every folder (I used a command script to do this for me lol).

[Joey_M]

I have this in the root directory of my server and, in my domains main index (well the php.ini files)

Quote

disable_functions = "exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source"
 

I still see the error notification when I load my ACP up.

Any ideas why?

[Joey_M]

I just found and, followed this - all good for me now.

 

[NAWAC]

On 9/23/2020 at 11:53 AM, Davyc said:

If you are on a shared server then the php.ini file may not be recursive - which means that you will need to add that php.ini file to every folder to ensure those commands are executed at every level.  Some hosts have recursive php.ini files, but many don't.  Add the php.ini file into your admin folder and see if the error goes away, if it does then your php.ini file is NOT recursive.  Don't assume that because the error has gone away by adding the php.ini file in the admin folder that it has worked, it has just worked in the admin folder, so it won't be effective everywhere.  I had this same issue on the shared hosting server I use and I had to add the php.ini file to every folder (I used a command script to do this for me lol).

 

I had a similar problem. This solved it for me. 

Thanks.