Updating Apache using Cpanel EasyApache Published: Jun 07, 2004
  • Rating

    3/5

We'll guide you through using PHP safe_mode and how-to enable it and to customize it for certain sites on your server. If a client needs it turned off for just one site and you have it turned on for the entire server what can you do?

Customizing PHP Safe Mode

We’ll guide you through using PHP safe_mode and how-to enable it and to customize it for certain sites on your server. When using PHP as an Apache module, you can also change the configuration settings using directives in Apache configuration files (e.g. httpd.conf) and .htaccess files. PHP safe_mode is very important to in terms of server security because it restricts and disables the dangerous functions in PHP from the scripts like PHP Shell that can otherwise cause damages to your server and client sites.

Using PHP Safe_Mode

First of all we’ll take care of the files that you will edit, and make sure to have copy or backup .

Activate Safe Mode Globally

It is very simple to active safe mode on the entire server. All you need to do is just edit the php.ini file. If you can’t find where php.ini is or have multiple copies on your server the best thing to do is run phpinfo() to find it. Open up Notepad or your favorite HTML editor and paste in the following from this file.

http://www.webhostgear.com/phpinfo.phps

Save it as phpinfo.php and upload it to a website that you want to test on your server. Type in the URL and you’ll get a PHP configuration page telling you exactly where php.ini is located and all kinds of other useful information about the sites and servers configuration settings.

A few lines down you’ll see this:
Configuration File (php.ini) Path: /usr/local/Zend/etc/php.ini
Now that we know the location of php.ini we can proceed to edit it.

1) Open up php.ini in your shell with your favorite editing program.
pico /path to php/php.ini (replace with the path to your php.ini file)

2) Find the following line: safe_mode
Ctrl + W and type in: safe_mode

3) Turning safe mode on or off.
safe_mode = Off

You may active it by or turn it off by changing it to either On OR Off.
safe_mode = On

Good! Now save the file by ctrl + x  then y

4) Restart the Apache web server by
/etc/init.d/httpd restart

Now safe_mode is active on all your server accounts.

Activate Safe Mode Using Per Site Basis

Now if you have scripts that require safe mode off like Modernbill or any script doesn't work well with safe_mode on what you will do? Disable safe_mode on the entire server just for these scripts? This isn’t very practical when you can disable php safe mode per user account/site basis.

Let’s do it!
1) SSH to your server and login as root.

2) Then find the httpd.conf, normally it’s in /etc/httpd/conf/  or  /usr/local/apache/conf/
If it’s not in either of those places try search for it: locate httpd.conf

3) Then find the site you wish to edit.
Ctrl+W and type in the domain name

You should see something like this

<VirtualHost ***.***.***.***>
ServerAlias www.domain.net domain.net
ServerAdmin webmaster@domain.net
DocumentRoot /home/domain/public_html
BytesLog domlogs/domain.net-bytes_log
ServerName www.domain.net
User domain
Group domain
CustomLog domlogs/domain.net combined
ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/
</VirtualHost>

4) Now add this line:

php_admin_flag safe_mode Off

We have also found that the following works as well if the above does not but DO NOT USE BOTH, pick one!

php_admin_value safe_mode 0

to be like this :

<VirtualHost ***.***.***.***>
ServerAlias www.domain.net domain.net
ServerAdmin webmaster@domain.net
DocumentRoot /home/domain/public_html
php_admin_flag safe_mode Off
BytesLog domlogs/domain.net-bytes_log
ServerName www.domain.net
User domain
Group domain
CustomLog domlogs/domain.net combined
ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/
</VirtualHost>

5) Good :) Now save the changes.
Ctrl + X then Y

6) Restart the Apache web server by
/etc/init.d/httpd restart

Final Words

PHP Safe mode should be on by default on all your servers for added security. However there are some scripts that are not compatible with it on so you have to make an exception to some client sites. Make sure you know why they’re requesting to have it turned off because it is much more secure for everyone to have it on.

If you run into trouble after editing httpd.conf you can run the apachectl configtest
in shell. This will test the Apache configuration for errors and report them back to you if you can’t start it, very handy indeed!
More PHP customizing commands here: http://php.us.themoes.org/manual/en/configuration.changes.php

Contributed by ReRoot, edited by Ramprage

  • Rating

    3/5

Related Articles

Comments (10)

  • Gravatar - Steve
    Steve 00:37, March 22, 2005
    Geat tutorial, thanks!
  • Gravatar - perdana
    perdana 16:57, April 6, 2005
    hey....who r u....<br />
    am perdana from indonesian<br />
    to the point....<br />
    am dizy for cpanel ver9x<br />
    am nedded your help...<br />
    plz send to my email...<br />
    am waiting
  • Gravatar - alec
    alec 11:10, May 3, 2006
    Fab! Many thanks, saved my arse! easy to follow, simple to do!<br />
    <br />
  • Gravatar - Patrick
    Patrick 12:40, May 16, 2006
    Whenever I put /scripts/easyapache into my ssh window, easy apache auto executes and I never get to select what option I want. What gives?<br />
    <br />
    And is there a way around this happening?<br />
    <br />
    Thanks
  • Gravatar - Cristian
    Cristian 09:42, July 26, 2006
    This is a good tutorial.<br />
    Easy to follow
  • Gravatar - Wade
    Wade 06:15, October 15, 2006
    if you don't see the "options" selection and it just goes into building apache, you might need to delete the /home/cpapachebuild directory and files, and you might also need to use upcp -force FIRST. <br />
    <br />
    I had this problem but did the above and it worked.
  • Gravatar - Shanx
    Shanx 06:06, June 18, 2007
    Instead of doing it in the console, it's much better to simply use the WHM interface. It shows everything that can be set or unset, and works without unpredictable results on different platforms. Look for "Upgrade Apache" on the left hand side frame menu.
  • Gravatar - Baby
    Baby 06:03, April 30, 2008
    Upgare Apache On Cpanel<br />
    hello dears,<br />
    i have a problem with me apache and the site's settings.<br />
    my apache version is very old and i want to upgrade with the<br />
    apache 2.2,but i have a little information to do that<br />
    if there is no problem please tell me how can i upgrade my apache with cpanel manager(explain step by step)<br />
    and my server's operation is linux.<br />
    another question is: when i design a php e-mail sender and i send an e-mail to<br />
    another mail in the diffrent server when i recive that and check it , it was from another server<br />
    but the user be same, for example: my e-mail : baby@server.com but i recive babay@victim.com
  • Gravatar - Mike Spears
    Mike Spears 15:15, June 8, 2008
    Great Tutorial!<br />
    Very easy to follow.
  • Gravatar - santosh
    santosh 18:07, September 15, 2009
    Great

Add Your Thoughts

WebHostGear.com is a hosting directory, not a web host.

Copyright © 1998-2014 WebHostGear.com