how to setup php variables

2 posts / 0 new
Last post
#1 Fri, 06/13/2008 - 18:47
paulfromsurrey

how to setup php variables

Hello Virtualmin team

I have to admit i was using virtualmin for two year. if any one still using gpl virtualmin they should try professional virtualmin. awesome

I am happy with this product.

since i am very new so i will be picking up your brain alot.

I know this is very good product but it is only good if it is configured right. i was using gpl virtualmin and made some stupid mistake some where and my server got hacked now help me to keep our server safe.

question1 i transfer one of the domain from my old server to new got problem with licence vailidation when i talk to the develop they told me following setting needs to be set up in my server.

i need your help to setup these setting and can be make custom change for each website.

for example : if one website ask for global array on or off

we can change those setting to just that website. can we add php.ini files to each website folder will this work or not.

now question no2 how to turn on these setting.

is these setting are safe for the server

_SERVER["PATH_TRANSLATED"], _SERVER["SCRIPT_FILENAME"], _SERVER["ORIG_PATH_TRANSLATED"]

Please advise

Thanks paul

computerfixguy@hotmail.com (if some one like to help me out on msn)

Sun, 06/07/2009 - 07:24
ronald
ronald's picture

these settings show up if you run php in mod_fcgi
they won't show up if you run in mod_php

I had 1 domain that needed those and what I did was to set that domain to mod_php.

as for security, there are some interesting discussions going on in this forum but what i like to point out mostly is that you have to set the open_basedir in the server template to restrict users to their home directory or at least to /home

with mod_fcgi every domain has its own php.ini and can therefore also change that setting which you then can prevent (taking away the whole functionality of editable php.ini's for users)

which ever way you run php, you dont want any users sniffing through the whole server and changing things or finding passwords....

running in mod_php gives you 1 main php.ini and users can then use the .htaccess file to set php_values. also you can then restrict users to their own home directory.

running in mod_fcgi is nice but you cant restrict users to their own home directory only to /home as far as i know at least.

what I have is for mod_php (apache2 compiled in the /usr/local/apache):
php_admin_value open_basedir ${HOME}:/var/lib/php/session:/usr/share/pear

and (before I had the default centos5 with apache in /etc/httpd) for mod_fcgi:
open_basedir ${HOME}:/tmp:/usr/lib/php:/usr/local/lib/php

running both mods for different domains on the same server is usually not a good idea though and you have to check if those values work for you depending on OS and locations.

my 2 cents

Topic locked