forbid custom php config settings on apache 2.2 + mod_php server – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.
But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about apache-2.2, php, mod-php, , .
I have a server where php is running as an apache module.
Every user on the server is restricted to his own directory with open_basedir.
I have disabled the following functions:
disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_multi_exec,parse_ini_file,show_source
Now I’d like to forbid custom php config settings, such as:
How would you go about it?
You can use the
php_admin_flag directives to hard code the values into your apache config, this will prevent both
ini_set from overriding the values you set.
You can read about these directives in the PHP documentation