
Support for PHP disable_functions per domain

DRYALLS

Basic Pleskian
Hi,

I'm considering upgrading to this version of PLESK.

It's very important to me that I can set the PHP disable_functions to allow shell access for one domain only.

PHP disable_functions MUST be in php.ini. Does PLESK 11 support different php.ini per domain? I've downloaded the trial and looked at the PHP settings that can be changed by drop-down, radio buttons, text boxes, but it doesn't appear.
 
Run (on the respective domain name):
Code:
<?php phpinfo();  ?>
And you will see the respective php.ini file in action. You can also manually add parameters to it such as that disable_functions...
 
So this is what I see after downloading the PLESK11+CentOS6 ISO and installing it

In PLESK I add a domain mydomain.com and create a phpinfo.php file

The results include:

Loaded Configuration File /etc/php.ini

Apache Environment includes

PP_CUSTOM_PHP_INI /var/www/vhosts/system/mydomain.com/etc/php.ini

and a setting for disable_functions is 'no value' either locally or Master

I check in /etc/php.ini and confirm that disable_functions is not set

So then I create a test.php file to check whether I can exec something

All it is is echo exec('whoami');

It returns 'apache', that is what I would expect

So now I edit etc/php.ini to switch on global server wide disable_functions. I restart apache and now when I run phpinfo.php again disable_functions for local and Master is

disable_functions exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source

These are the settings on my existing server which are causing me issues.

So now I run my test.php again. I get the expected result

Warning: exec() has been disabled for security reasons in /var/www/vhosts/mydomain.com/httpdocs/test.php on line 4

So far, so good. Now I want to override the disable_functions for mydomain.com. I go to the PLESK GUI and in the big text box for PHP settings I type:

disable_functions =passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source

Again I check phpinfo.php and confirm that my local disable_functions have been added as above. They have, so this should allow me to use the exec command in mydomain.com

So I run test.php, expecting to see 'apache' as the output again. But I get the same Warning message as above.

So clearly something is wrong. Please help.
 
Further info

If I configure PHP to be Fast-CGI this problem goes away. PHP loads its configuration from the /var/www/vhosts/system/mydomain.com/etc/php.ini in my domain.

But why doesn't it work for Apache, where the default /etc/php.ini is loaded, with the additional PP_CUSTOM_PHP_INI /var/www/vhosts/system/mydomain.com/etc/php.ini included by Apache?
 
There are some functions you are not allowed to override... and disable_functions is one of them! Unfortunately, you can't and you will not be able to override it!!
 
So it has to be in the 'root' php.ini and cannot be included. I see that now.

OK, but why does the FastCGI PHP on PLESK use the /var/www/vhosts/<domain>/etc/php.ini and the Apache mod-php on PLESK use /etc/php.ini and then include the domain-specific one?
 
To get it working, set the PHP handler to FastCGI and select the desired PHP version. Then put your custom directives in this file: /var/www/vhosts/system/<domain.tld>/conf/php.ini
Save the file and rebuild the configuration for the domain (either on the command line or by changing a PHP setting in the panel for the desired domain). The settings from /var/www/vhosts/system/<domain.tld>/conf/php.ini will override anything added via the panel. Verify with phpinfo. The setting is permanent and won't be overwritten by any change in Plesk.
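
Added example (not part of the thread and not Plesk code): once domains run under FastCGI with their own php.ini, each one can relax disable_functions on its own, so this sketch reports which domains leave callable a function that the server-wide file blocks. It assumes the per-domain file is the only configuration PHP loads for that domain, as observed above; example.org, legacy.example and the names `disabled_functions`, `reenabled` and `audit` are constructed for illustration.

```python
import re

# Server-wide list, copied from the /etc/php.ini setting quoted in the thread.
BASELINE_INI = "disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source\n"

# Constructed per-domain files; only the mydomain.com line comes from the thread.
DOMAIN_INIS = {
    "mydomain.com": "disable_functions =passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source\n",
    "example.org": "; same list as the server\n" + BASELINE_INI,
    "legacy.example": "memory_limit = 128M\n",  # no disable_functions line at all
}

def disabled_functions(ini_text):
    """Return the set of names in the last disable_functions assignment."""
    value = ""
    for line in ini_text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop ; comments
        m = re.match(r"disable_functions\s*=\s*(.*)$", line)
        if m:
            # Assumption: a later assignment replaces an earlier one.
            value = m.group(1).strip().strip("\"'")
    return {name.strip() for name in value.split(",") if name.strip()}

def reenabled(baseline_ini, domain_ini):
    """Functions blocked server-wide that the domain's php.ini leaves callable."""
    return sorted(disabled_functions(baseline_ini) - disabled_functions(domain_ini))

def audit(baseline_ini, domain_inis):
    """Map each domain to the functions it re-enables; skip domains with none."""
    report = {}
    for domain, text in domain_inis.items():
        diff = reenabled(baseline_ini, text)
        if diff:
            report[domain] = diff
    return report

if __name__ == "__main__":
    for domain, names in audit(BASELINE_INI, DOMAIN_INIS).items():
        print(f"{domain}: re-enables {', '.join(names)}")
```

A domain file with no disable_functions line is reported as re-enabling the whole server-wide list, which is the case most worth reviewing by hand.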
 