DirectAdmin Knowledge Base and Support

DirectAdmin is a web panel for a simple administration of both virtual and dedicated servers. DirectAdmin is faster, safe and more powerful than any other CP. And we know how to customize and support it.

How to customize PHP disable_functions in DirectAdmin

| 00:48:39 11.04.2020

The directive "disable_functions" allows to disable certain functions. It takes on a comma-delimited list of function names. 

disable_functions

DirectAdmin uses the directive for security purposes, and here is a way how to customise it. We need to create a file /usr/local/directadmin/custombuild/custom/php_disable_functions with our own list of functions.

Let's say we want to allow proc_close, proc_open server-wide in DirectAdmin in PHP.

cd /usr/local/directadmin/custombuild
touch custom/php_disable_functions

A default list includes the following PHP functions:

exec, system, passthru, shell_exec, proc_close, proc_open, dl, popen, show_source, posix_kill, posix_mkfifo, posix_getpwuid, posix_setpgid, posix_setsid, posix_setuid, posix_setgid, posix_seteuid, posix_setegid, posix_uname

Our custom list will look like the following (it excludes proc_close, proc_open):

exec, system, passthru, shell_exec, dl, popen, show_source, posix_kill, posix_mkfifo, posix_getpwuid, posix_setpgid, posix_setsid, posix_setuid, posix_setgid, posix_seteuid, posix_setegid, posix_uname

For this we run:

cd /usr/local/directadmin/custombuild
echo "exec,system,passthru,shell_exec,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname" > custom/php_disable_functions

and then update configs:

./build set secure_php yes
./build secure_php

After the process completes we need to check results it with:

php -i | grep ^disable_functions

It's expected to see the modified list of disabled functions without proc_close, proc_open, i.e. the excluded functions are now allowed.

That's it.

About Us
We are a team of professionals, and specialize in installation, configuring and managing of remote virtual and dedicated servers powered by Linux/Unix-like OS with DirectAdmin. We support various sets of software, including web-servers Apache, Nginx; internet domain name servers Bind, PowerDNS; mail-servers with POP3, IMAP and SMTP, FTP-servers, etc. After years of working through the most complex server challenges our team has gathered valuable experience and universal solutions suitable for everyday tasks. We are here to lend you a helping hand and take care of your servers in order to let you have enough time to do more of what you love.




All of the information and data on this site is for informational purposes only and is provided for the convenience of the user.
Powered by: Amiro.CMS - Free edition