JacobM Posted February 5, 2022 Posted February 5, 2022 New install on a shared hosting plan via BlueHost. I have access to the php.ini through the cPanel MultiPHP INI Editor for the domain and have checked that, but still getting this error. More than likely something I am doing wrong; however, I'd like to fix the issue. Error is: MultiPHP INI Editor has the following: ; cPanel-generated php ini directives, do not edit ; Manual editing of this file may result in unexpected behavior. ; To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor) ; For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI) disable_functions = exec,passthru,shell_exec,system,proc_open,popen,pcntl_exec
Randy Calvert Posted February 6, 2022 Posted February 6, 2022 I don't believe disable_functions is available via the user side of the cPanel MultiPHP INI. https://features.cpanel.net/topic/add-disable_functions-to-multiphp-ini-editor-basic-mode https://serverok.in/php-disable_functions-php-fpm-cpanel (this is in reverse of what you what, but shoes it's not a user level activity, but instead a server level function meaning WHM or admin level SSH is needed) You might need to make the request to your host to disable this for you potentially if they're willing to do it.
Pescao6 Posted February 7, 2022 Posted February 7, 2022 You can add them under cPanel -> PHP Selector -> Options Your host can also help you doing this if you send them a ticket. Marc and SeNioR- 2
Marc Posted February 7, 2022 Posted February 7, 2022 I will move this to advanced hosting support, as this is an issue you need to resolve with your host, rather than with our software here. JacobM 1
SeNioR- Posted February 7, 2022 Posted February 7, 2022 (edited) If you can edit php.ini, add: [PHP] expose_php = Off disable_functions = "exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl,popen,show_source,pcntl_exec" Edited February 7, 2022 by SeNioR- JacobM 1
Randy Calvert Posted February 7, 2022 Posted February 7, 2022 11 minutes ago, SeNioR- said: If you can edit php.ini, add: [PHP] expose_php = Off disable_functions = "exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl,popen,show_source,pcntl_exec" The OP is on a shared hosting plan so this I don’t believe would be directly accessible to them.
IveLeft... Posted February 7, 2022 Posted February 7, 2022 Quite often with shared hosting - no matter what you do to disable dangerous PHP commands, it still doesnt work and more often than not the host isn't willing or able to disable these as its affects all customers on the shared environment.
SeNioR- Posted February 7, 2022 Posted February 7, 2022 (edited) 2 hours ago, Randy Calvert said: The OP is on a shared hosting plan so this I don’t believe would be directly accessible to them. You'd be surprised because many shared hostings, allows to edit php.ini 😉 Edited February 7, 2022 by SeNioR-
Randy Calvert Posted February 7, 2022 Posted February 7, 2022 27 minutes ago, SeNioR- said: You'd be surprised because many shared hostings, allows to edit php.ini 😉 Wow… in that case I would find a new shared host. That’s scary based on the power that file contains!! I could do a lot of damage with the various directives on direct editing of that file!
Sledge FTB Posted February 7, 2022 Posted February 7, 2022 18 minutes ago, Randy Calvert said: in that case I would find a new shared host. That’s scary based on the power that file contains!! Not necessary. A a lot of shared hostings are running in boxed/virtual environments. For example if the kernel is running on CloudLinux with proper use of CageFS. In such case you can't affect other users on the server with your php.ini and/or any of those "dangerous" PHP functions (or, more important, the other users on the server can't affect you with those ). IveLeft... 1
JacobM Posted February 8, 2022 Author Posted February 8, 2022 (edited) Thanks, all. I appear to have access to the php.ini file, so I did as @SeNioR- instructed and added that code. If that doesn't work I'll go the route of asking my host to assist in disabling those features. Edited February 8, 2022 by JacobM SeNioR- 1
JacobM Posted February 8, 2022 Author Posted February 8, 2022 So far I haven't seen this error pop back up, so I think that was the solution. Thanks, gentlemen!
Recommended Posts