Securing PHP on the Server & Configuring the Best Settings


 


PHP Security and Settings
Log in to your server as root.
Use the command below:

pico /usr/local/lib/php.ini

Find the first PHP line and add the following after it:

reveal_php 0

Make sure the settings are as shown below:


safe_mode = On


allow_url_fopen = Off

expose_php = Off
enable_dl = Off

include_path = "/usr/lib/php:/usr/local/lib/php:/tmp:/home"

register_globals = Off

display_errors = Off
Search for

disable_functions

Add the list below after it. It must be on a single line:

dl,escapeshellarg,escapeshellcmd,exec,passthru,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,system,pcntl_exec,getrusage,chown,chgrp,closelog,openlog,syslog,define_syslog_variables,php_ini_scanned_files,php_ini_loaded_file,ini_get_all,get_cfg_var,getservbyname,getservbyport

If you want a higher security level, use the list below instead:
"dl,escapeshellarg,escapeshellcmd,exec,passthru,proc_close,proc_get_status,proc_nice,proc_open,shell_exec,system,pcntl_exec,getrusage,chown,chgrp,closelog,openlog,syslog,define_syslog_variables,php_ini_loaded_file,ini_get_all,get_cfg_var,getservbyname,getservbyport,ini_set,symlink,exec,posix_getgid,posix_getgrgid,pclose,proc_terminate,pfsockopen,apache_child_terminate,posix_mkfifo,posix_setpgid,posix_setuid,hypot,pg_host,pos,posix_access,posix_getcwd,posix_getservbyname,myshellexec,getpid,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mknod,posix_setgid,posix_setsid,posix_setuid,ini_set,posix_times,posix_uname,ps_fill,posix_getpwuid,global,ini_restore,zip_open,zip_read,rar_open,bzopen,bzread,bzwrite,apache_get_modules,apache_get_version,phpversionphpinfo,php_ini_scanned_files,get_current_user,error_log,disk_total_space,diskfreespace,leak,imap_list,hypo,filedump,gethostbyname,safe_mode,ob_clean,getmygid,php_uname,apache_getenv,apache_setenv,bzread,bzwrite,bzopen,phpini,tempnam,higlight_file,sscanf,dos_conv,get_cwd,error_log,dir,cmd,e_name,vdir,get_dir,only_read,ftok,set_time_limit,ftpexec,posix_getpwnam,getmyuid,glob,mysql_list_dbs,disk_free_space,session_save_path,confirm_phpdoc_compiled,zip_entry_read,unlink,mkdir,copy,php_u,psockopen,crack_opendict,crack_getlastmessage,crack_closedict,crack_check,fpassthru,hell-exec,posix_get_last_error,posix_getlogin,posix_getgroups,posix_strerror,posix_getrlimit,posix_getpgrp,posix_getgrnam,pos,popen"

 

Search for

max_execution_time
change it to 3600

max_input_time
Change it to 3600

memory_limit
change it to 64M or 128M

upload_max_filesize
change it to 10M

Finally
post_max_size
change it to 50M

If you are using vBulletin forums, add these settings at the end of php.ini:


; Solution Problem VB
suhosin.request.max_vars = 1024
suhosin.post.max_vars = 1024

Enter the command below:
httpd restart
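
An added example, not part of the original article: a shell script that reads a php.ini and reports where it differs from the On/Off switches listed above, and whether the core command-execution functions are present on the disable_functions line. The function names ini_get, audit_php_ini and sample_ini and the sample file contents are made up for this illustration. Run it as "sh audit.sh /usr/local/lib/php.ini"; with no argument it audits the built-in sample.

```shell
# Added example; ini_get, audit_php_ini and sample_ini are hypothetical names.
# ini_get FILE NAME: print the value of directive NAME. The last uncommented
# "name = value" line wins; a line without "=" is not read as an assignment.
ini_get() {
    awk -v key="$2" '
        /^[ \t]*;/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            sub(/[ \t]*;.*$/, "", v)             # drop a trailing comment
            gsub(/^[ \t"]+|[ \t"\r]+$/, "", v)   # drop blanks, quotes, CR
            if (k == key) val = v
        }
        END { if (val != "") print val }' "$1"
}

# Print OK/FAIL for each switch the article sets, then check that the core
# command-execution functions are on the single disable_functions line.
# safe_mode and register_globals were removed in PHP 5.4; drop them there.
audit_php_ini() (
    for want in safe_mode=on allow_url_fopen=off expose_php=off \
                enable_dl=off register_globals=off display_errors=off; do
        key=${want%%=*}; exp=${want#*=}
        have=$(ini_get "$1" "$key" | tr '[:upper:]' '[:lower:]')
        case "$have" in 1|yes|true) have=on ;; 0|no|false|none) have=off ;; esac
        if [ "$have" = "$exp" ]; then echo "OK   $key"
        else echo "FAIL $key: have '${have:-unset}', article sets $exp"; fi
    done
    list=",$(ini_get "$1" disable_functions | tr -d ' '),"
    for fn in dl exec passthru proc_open shell_exec system pcntl_exec; do
        case "$list" in
            *",$fn,"*) echo "OK   disable_functions has $fn" ;;
            *)         echo "FAIL disable_functions lacks $fn" ;;
        esac
    done
)

# Constructed sample: expose_php On, display_errors commented out, list wrapped.
sample_ini() {
    printf '%s\n' '[PHP]' 'safe_mode = On' 'allow_url_fopen = Off' \
        'expose_php = On' ';display_errors = Off' 'enable_dl = Off' \
        'register_globals = off' 'disable_functions = dl,exec,passthru,' \
        ' proc_open,shell_exec,system,pcntl_exec'
}

if [ -n "${1:-}" ]; then audit_php_ini "$1"
else t=$(mktemp); sample_ini > "$t"; audit_php_ini "$t"; rm -f "$t"; fi
```

A disable_functions list that has been wrapped onto a second line shows up as missing functions, because the helper reads only the line that carries the = sign.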

