[ask] cara menambahkan ini_set


Status
Not open for further replies.
alexistdev

alexistdev

Expert 1.0
Hello tuan,

di csf security ada saran utk menambahkan file dibawah ke /opt/alt/php51/etc/php.ini:

You should consider adding ini_set to the disable_functions in the PHP configuration as this setting allows PHP scripts to override global security and performance settings for PHP scripts. Adding ini_set can break PHP scripts and commenting out any use of ini_set in such scripts is advised

ini caranya gimana ya? apa kita tambahkan ini_set = On gitu atau gimana ya?

makasi sebelumnya
 
mustafaramadhan

mustafaramadhan

Hosting Guru
Secara default, ini_set sudah on. Menambah ini_set ke disable_functions setara dengan ini_set = off.
 
mustafaramadhan

mustafaramadhan

Hosting Guru
Sangat jarang yang men-disable init_set ini. Salahsatu alasan karena tidak semua bisa di-init_set-kan.
 
Bestariweb Hosting

Bestariweb Hosting

Hosting Guru
The Warrior
Verified Provider
alexistdev said:
lebih baik di off kan atau di on kan pak?
Click to expand...
- disable_function=ini_set,exec,dst (semua fungsi yg berbahaya masukkan di baris ini)
- Disable menu php.ini di EA4
- buat cronjob per 2 jam untuk hapus php.ini di home dan subdirectory di bawahnya:
Code: 
0 */2 * * * find /home -name "php.ini" -type f -exec rm -rf {} \;
 
el_makong

el_makong

Hosting Guru
cek ke settingan php.ini, sebaiknya disabled ini_set di disabled_functions terutama pada shared servers
 
natanetwork

natanetwork

Hosting Guru
Verified Provider
Bestariweb Hosting said:
- disable_function=ini_set,exec,dst (semua fungsi yg berbahaya masukkan di baris ini)
- Disable menu php.ini di EA4
- buat cronjob per 2 jam untuk hapus php.ini di home dan subdirectory di bawahnya:
Code: 
0 */2 * * * find /home -name "php.ini" -type f -exec rm -rf {} \;
Click to expand...
kalo hapus php.ini pake cron tiap 2 jam ga praktis.. mending ignore php.ini dan paksa mereka pake .htaccess/.user.ini untuk ubah local value
 
alexistdev

alexistdev

Expert 1.0
mustafaramadhan said:
Sangat jarang yang men-disable init_set ini. Salahsatu alasan karena tidak semua bisa di-init_set-kan.
Click to expand...
baik pak saya pelajari dulu, enaknya bagaimana terimakasih.

Bestariweb Hosting said:
- disable_function=ini_set,exec,dst (semua fungsi yg berbahaya masukkan di baris ini)
- Disable menu php.ini di EA4
- buat cronjob per 2 jam untuk hapus php.ini di home dan subdirectory di bawahnya:
Code: 
0 */2 * * * find /home -name "php.ini" -type f -exec rm -rf {} \;
Click to expand...

wah mantap Pak , saya langsung uji coba.

el_makong said:
cek ke settingan php.ini, sebaiknya disabled ini_set di disabled_functions terutama pada shared servers
Click to expand...
betul mas ini saya test karena ada advice dari CSF. saya coba2 utk ngulik CSF nya.

hendranata said:
kalo hapus php.ini pake cron tiap 2 jam ga praktis.. mending ignore php.ini dan paksa mereka pake .htaccess/.user.ini untuk ubah local value
Click to expand...

klo boleh tau pengaturan ignore php di tweak setting kah pak?
 
natanetwork

natanetwork

Hosting Guru
Verified Provider
Bestariweb Hosting said:
settingnya dimana koh
Click to expand...
alexistdev said:
klo boleh tau pengaturan ignore php di tweak setting kah pak?
Click to expand...

koh? kohee..huehe..ada beberapa cara salah satunya ini
kalo pake su php bisa lewat sini

[10:07:52] [8744163] [~]$ tail -17 /etc/suphp.conf
[phprc_paths]
;Uncommenting these will force all requests to that handler to use the php.ini
;in the specified directory regardless of suPHP_ConfigPath settings.
;[phprc_paths], like suPHP_ConfigPath, is subject to php's PHPRC behavior.
;Before using this mechanism make sure to fully understand the implications
; of doing so:
; https://go.cpanel.net/EA4PHPHandlers#PHPHandlers-Thesuphp.conffile
; https://go.cpanel.net/PHPRC#ThecPanelPHPRCPHPPatchforEasyApache4-SuPHP
;application/x-httpd-ea-php54=/opt/cpanel/ea-php51/root/etc
;application/x-httpd-ea-php54=/opt/cpanel/ea-php52/root/etc
;application/x-httpd-ea-php54=/opt/cpanel/ea-php53/root/etc
;application/x-httpd-ea-php54=/opt/cpanel/ea-php54/root/etc
;application/x-httpd-ea-php55=/opt/cpanel/ea-php55/root/etc
;application/x-httpd-ea-php56=/opt/cpanel/ea-php56/root/etc
;application/x-httpd-ea-php70=/opt/cpanel/ea-php70/root/etc
;application/x-httpd-ea-php71=/opt/cpanel/ea-php71/root/etc
====

Just remove the comment (';') before each of those application lines, save the file, and restart the Apache service. You will want to also disable the MultiPHP INI Editor icon from the feature lists in WHM, so you do not have users inquiring why their custom changes aren't taking affect.
 
Status
Not open for further replies.

Top