Admins eHow SysAdmin Tips & Tricks

May 12, 2009

Secure Your WebServer by Disabling Dangerous PHP Functions

Filed under: CentOS, cPanel, Debian, General, Security — admin @ 8:02 pm

To secure your web server, you need to disable some PHP functions which may be used to hack your server.
Open your php.ini file and search for “disable_functions”, then replace it with the following directive:

disable_functions = "apache_child_terminate, apache_setenv, define_syslog_variables, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode"

After this step you need to restart the Apache server.
If you have cPanel installed on your server, you need to run the following command from SSH for cPanel to work properly:

/scripts/makecpphp

It will build another instance of PHP for internal cPanel/WHM use.
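
To check the directive after editing php.ini, the script below (an added example, not part of the original post) reports command-execution functions missing from disable_functions, entries listed twice, and entries the directive cannot affect: eval is a language construct, not a function, so listing it does not disable it. The REQUIRED list, the helper function names and the sample file are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit the disable_functions directive in a php.ini file.
# REQUIRED is this example's own choice of command-execution functions.
REQUIRED="exec passthru shell_exec system popen proc_open"

# Write a constructed sample php.ini to a temp file and print its path.
make_sample() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
; constructed sample for this example
;disable_functions =
disable_functions = "eval, exec, passthru, popen, posix_setuid, posix_setuid, proc_open, shell_exec, syslog"
EOF
    printf '%s\n' "$f"
}

# Names in the last uncommented disable_functions line, one per line.
# Commas and spaces are both treated as separators here.
disabled_list() {
    sed -n 's/^[[:space:]]*disable_functions[[:space:]]*=[[:space:]]*//p' "$1" |
        tail -n 1 | tr -d '"\r' | tr ', ' '\n\n' | sed '/^$/d'
}

# Required functions that the directive does not list.
missing_required() {
    list=$(disabled_list "$1")
    for fn in $REQUIRED; do
        printf '%s\n' "$list" | grep -qxF "$fn" || printf '%s\n' "$fn"
    done
}

# Entries listed more than once.
duplicate_entries() {
    disabled_list "$1" | sort | uniq -d
}

# Entries disable_functions cannot affect (eval is a language construct).
ineffective_entries() {
    disabled_list "$1" | grep -xF eval || true
}

# Audit the file given as $1, or the constructed sample when none is given.
ini=${1:-$(make_sample)}
echo "missing:     $(missing_required "$ini" | tr '\n' ' ')"
echo "duplicates:  $(duplicate_entries "$ini" | tr '\n' ' ')"
echo "ineffective: $(ineffective_entries "$ini" | tr '\n' ' ')"
[ -n "${1:-}" ] || rm -f "$ini"
```

Run it with the path of the php.ini that Apache actually loads as the first argument; without an argument it audits the constructed sample.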
