Egorkin Posted September 23, 2020 Posted September 23, 2020 The forum said that I have dangerous PHP functions enabled. I opened the message and thought they would be listed there. But NO! Then why the message? It carries no information in this form. I have banned, but what is missing? disable_functions = escapeshellarg, escapeshellcmd, exec, ini_alter, parse_ini_file, passthru, pcntl_exec, popen, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, show_source, shell_exec, symlink,system;
CoffeeCake Posted September 23, 2020 Posted September 23, 2020 (edited) IPS checks for 'exec', 'system', 'passthru', 'pcntl_exec', 'popen', 'proc_open', 'shell_exec'. Where are you putting the disable_functions statement? It must be in the PHP ini file and cannot be in your web server's configuration (i.e. not in apache's configuration, or .htaccess, etc.). Output phpinfo() and be sure you're setting it in the file indicated. https://www.php.net/manual/en/ini.core.php#ini.disable-functions Edited September 23, 2020 by Paul E.
Egorkin Posted September 23, 2020 Author Posted September 23, 2020 8 hours ago, Paul E. said: Where are you putting the disable_functions statement? In php. ini of course! 🧒 8 hours ago, Paul E. said: Output phpinfo() and be sure you're setting it in the file indicated. I have a complaint about IPS. Why do they not display exactly what the error is, but just "you have an error" (it turns out where you want there and look for your problems)?
bfarber Posted September 23, 2020 Posted September 23, 2020 Some errors are caused by things that do not need to be communicated to end users. Each error has an error code, however, which allows us to look up the problem at the code level more specifically. Sometimes errors also log more details to the system logs. Where are you seeing "You have an error"? What is the error code, and if you view the system logs in the AdminCP (use the live search to look for "System Logs") do you see any related logs?
CoffeeCake Posted September 23, 2020 Posted September 23, 2020 @Egorkin, one thing that stands out is that there's no space between symlink and system, while all of the other functions have a space in between. I'm not sure if that matters to php, but just making an observation of something that stands out as different.
Davyc Posted September 23, 2020 Posted September 23, 2020 7 hours ago, Egorkin said: In php. ini of course! If you are on a shared server then the php.ini file may not be recursive - which means that you will need to add that php.ini file to every folder to ensure those commands are executed at every level. Some hosts have recursive php.ini files, but many don't. Add the php.ini file into your admin folder and see if the error goes away, if it does then your php.ini file is NOT recursive. Don't assume that because the error has gone away by adding the php.ini file in the admin folder that it has worked, it has just worked in the admin folder, so it won't be effective everywhere. I had this same issue on the shared hosting server I use and I had to add the php.ini file to every folder (I used a command script to do this for me lol). NAWAC 1
Joey_M Posted November 17, 2020 Posted November 17, 2020 I have this in the root directory of my server and, in my domains main index (well the php.ini files) Quote disable_functions = "exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source" I still see the error notification when I load my ACP up. Any ideas why?
Joey_M Posted November 17, 2020 Posted November 17, 2020 I just found and, followed this - all good for me now.
NAWAC Posted December 7, 2020 Posted December 7, 2020 On 9/23/2020 at 11:53 AM, Davyc said: If you are on a shared server then the php.ini file may not be recursive - which means that you will need to add that php.ini file to every folder to ensure those commands are executed at every level. Some hosts have recursive php.ini files, but many don't. Add the php.ini file into your admin folder and see if the error goes away, if it does then your php.ini file is NOT recursive. Don't assume that because the error has gone away by adding the php.ini file in the admin folder that it has worked, it has just worked in the admin folder, so it won't be effective everywhere. I had this same issue on the shared hosting server I use and I had to add the php.ini file to every folder (I used a command script to do this for me lol). I had a similar problem. This solved it for me. Thanks.
Recommended Posts