Disable PHP functions in a vhost or multi-user environment

Providing PHP access to many users requires patience and security awareness.

People can damage the server with PHP functions such as system, passthru, etc.

PHP provides the php.ini file, which is where dangerous functions are disabled.

Some functions that can be disabled are:

system, exec, shell_exec, passthru, set_time_limit, error_log, ini_alter, dl, pfsockopen, openlog, syslog, readlink, symlink, link, leak, fsockopen, popen, escapeshellcmd, apache_child_terminate, apache_get_modules, apache_get_version, apache_getenv, apache_note, apache_setenv, virtual

With this list in hand, PHP must be told about these functions by editing the php.ini file. This file is located in C:\windows (on my Windows XP).

Double-click the file to open it, then click Edit -> Find and enter "disable_functions".

[Screenshot: the disable_functions line before editing]

To disable the functions, add them after the = sign, like this:

; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_functions = "system, exec, shell_exec, passthru, set_time_limit, error_log, ini_alter, dl, pfsockopen, openlog, syslog, readlink, symlink, link, leak, fsockopen, popen, escapeshellcmd, apache_child_terminate, apache_get_modules, apache_get_version, apache_getenv, apache_note, apache_setenv, virtual"

Save the file and restart the web server.

Open a new plain-text file and save it as info.php.

Open a browser and enter the address of the file, e.g.:

http://localhost/info.php

[Screenshot: info.php in the browser after editing php.ini]

Adding this improves security. The trade-off is on the client side: some functions are no longer available.

A user tries to view the PHP configuration using phpinfo().
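To confirm that the web server really picked up the edited php.ini, the following added example (not part of the original post) checks each function from the list above against the running configuration. The file name check_disabled.php is a hypothetical choice; the function list is copied from the post.

```php
<?php
// Added example, not from the original post. Save under a hypothetical name
// such as check_disabled.php next to info.php and request it in the browser.
// $expected is the list the post puts into disable_functions.
$expected = [
    'system', 'exec', 'shell_exec', 'passthru', 'set_time_limit', 'error_log',
    'ini_alter', 'dl', 'pfsockopen', 'openlog', 'syslog', 'readlink',
    'symlink', 'link', 'leak', 'fsockopen', 'popen', 'escapeshellcmd',
    'apache_child_terminate', 'apache_get_modules', 'apache_get_version',
    'apache_getenv', 'apache_note', 'apache_setenv', 'virtual',
];

// PHP splits the directive value on commas and spaces; do the same here.
$raw = (string) ini_get('disable_functions');
$configured = preg_split('/[ ,]+/', strtolower($raw), -1, PREG_SPLIT_NO_EMPTY);

header('Content-Type: text/plain');
// Shows which php.ini was really loaded (the post edits the one in C:\windows).
echo 'Loaded php.ini: ', php_ini_loaded_file() ?: '(none)', "\n\n";

$problems = 0;
foreach ($expected as $fn) {
    $listed = in_array($fn, $configured, true);
    // function_exists() returns false for a function that has been disabled.
    $present = function_exists($fn);

    if ($present) {
        // Still callable: the edit was not picked up, or the name is missing.
        $status = $listed ? 'LISTED BUT STILL CALLABLE' : 'STILL CALLABLE';
        $problems++;
    } elseif ($listed) {
        $status = 'disabled';
    } else {
        $status = 'not listed, and not available in this PHP build';
    }
    printf("%-24s %s\n", $fn, $status);
}

echo "\n", $problems === 0
    ? "OK: none of the listed functions can be called.\n"
    : "$problems function(s) can still be called. Check the php.ini path above"
      . " and restart the web server.\n";
```

Remove this script and info.php once the check is done, since both reveal configuration details to anyone who requests them.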