Customizing PHP Safe Mode
We’ll guide you through using PHP safe_mode and how-to enable it and to customize it for certain sites on your server. When using PHP as an Apache module, you can also change the configuration settings using directives in Apache configuration files (e.g. httpd.conf) and .htaccess files. PHP safe_mode is very important to in terms of server security because it restricts and disables the dangerous functions in PHP from the scripts like PHP Shell that can otherwise cause damages to your server and client sites.
Using PHP Safe_Mode
First of all we’ll take care of the files that you will edit, and make sure to have copy or backup .
Activate Safe Mode Globally
It is very simple to active safe mode on the entire server. All you need to do is just edit the php.ini file. If you can’t find where php.ini is or have multiple copies on your server the best thing to do is run phpinfo() to find it. Open up Notepad or your favorite HTML editor and paste in the following from this file.
Save it as phpinfo.php and upload it to a website that you want to test on your server. Type in the URL and you’ll get a PHP configuration page telling you exactly where php.ini is located and all kinds of other useful information about the sites and servers configuration settings.
A few lines down you’ll see this:
1) Open up php.ini in your shell with your favorite editing program.
2) Find the following line: safe_mode
3) Turning safe mode on or off.
You may active it by or turn it off by changing it to either On OR Off.
Good! Now save the file by ctrl + x then y
4) Restart the Apache web server by
Now safe_mode is active on all your server accounts.
Activate Safe Mode Using Per Site Basis
Now if you have scripts that require safe mode off like Modernbill or any script doesn't work well with safe_mode on what you will do? Disable safe_mode on the entire server just for these scripts? This isn’t very practical when you can disable php safe mode per user account/site basis.
Let’s do it!
2) Then find the httpd.conf, normally it’s in /etc/httpd/conf/ or /usr/local/apache/conf/
3) Then find the site you wish to edit.
You should see something like this
4) Now add this line:
php_admin_flag safe_mode Off
to be like this :
5) Good :) Now save the changes.
6) Restart the Apache web server by
PHP Safe mode should be on by default on all your servers for added security. However there are some scripts that are not compatible with it on so you have to make an exception to some client sites. Make sure you know why they’re requesting to have it turned off because it is much more secure for everyone to have it on.
If you run into trouble after editing httpd.conf you can run the apachectl configtest
Article from: http://webhostgear.com/166.html
Similar Articles : How to install ffmpeg, ffmpeg-PHP, Mplayer, Mencoder, flv2tool, LAME MP3 Encoder, and Libog from source, How to install ffmpeg on CentOS or Redhat Enteprirse Linux the easy way (Using RPMs/Yum) , Installing Pico on FreeBSD, Turck MMCache for PHP, Apache 2 Install and Upgrade Guide, lingerd - Setup and Installation, Howto mod_rewrite with Apache, Getting started with SSH Tutorial, How to install PRM (Process Resource Monitor), How to install ionCube loader, Apache Log Files Explained, Server Loads Explained, Guide to .htaccess tutorial and tips, Optimize and Tweak High-Traffic Servers, Common SSH Commands - Linux Shell Commands, Upgrade Guide From Red Hat 7.3 to 9.0, Changing Web Hosts? Step-By-Step Guide, Customizing PHP Safe Mode, Apache 2 PHP 4 and 5 (mod_php) on Linux - Apache2 PHP4 PHP5 Installation, Fantastico Error: enc_restrictions.inc.php is protected by SourceGuardian and requires file ixed.lin.4.X.X.pxp, 4.3.7.pxp, 4.3.8.pxp, 4.3.9.pxp error, How to Copy Files Across a Network/Internet in UNIX/LINUX (Redhat, Debian, FreeBSD, etc) - scp tar rsync, Fixing rndc error in WHM/cPanel: rnd: connection failed: connection refused, wget - how to use tuturial, cPanel Awstats Fix - Stoped Logging on single domain, How to Install Zend Optimizer/Encoder on cPanel/WHM, Upgrading CentOS 3.3 to 3.4 using yum, Redhat 7.3, 8.0, and 9.0 upgrade to CentOS 3 using yum (Red hat), Tutorial/HOW-TO: Kernel 2.6 Compilation with Grsecurity (grsec) - 2.6.5, 2.6.7, 2.6.8, 2.8.1, 2.6.9, 2.6.10, 184.108.40.206 , Repairing a mySQL Database/Table - How to restore/repair/recover, Flood Protection/DoS/DDoS Apache 1.3 and 2.0 - mod_dosevasive (Avoiding Denial of Service Attacks)
© Copyright 2003-2010
ABN 97 125 618 662