forbid custom php config settings on apache 2.2 + mod_php server

Posted on

forbid custom php config settings on apache 2.2 + mod_php server – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.

But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about apache-2.2, php, mod-php, , .

I have a server where php is running as an apache module.

Every user on the server is restricted to his own directory with open_basedir.

I have disabled the following functions:

disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_multi_exec,parse_ini_file,show_source

Now I’d like to forbid custom php config settings, such as:

memory_limit

max_execution_time

max_input_time

post_max_size

upload_max_filesize

How would you go about it?

ty

Solution :

You can use the php_admin_value and php_admin_flag directives to hard code the values into your apache config, this will prevent both .htaccess and ini_set from overriding the values you set.

You can read about these directives in the PHP documentation

Leave a Reply

Your email address will not be published. Required fields are marked *