cPanel & WHM Version 98 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!
This object is in archive! 

php.ini end user config

Nathan Lierbo shared this idea 8 years ago
Completed

It would really be nice to have a feature where end users are able to edit php config to suit their needs.


Original thread: http://forums.cpanel.net/f145/php-ini-end-user-config-223821.html

Best Answer
photo

This is absolutely something we'd love to provide with EasyApache4. I'd love to hear more feedback about things you'd like to see, restrictions on things that should be there, etc.

Replies (10)

photo
4

Will be interesting to filter what options we allow to our customers to edit and what others no. For example, dont allow to change memory_limit but allow to change max_execution_time

photo
2

I do like this feature. But with limitation.....

Currently we are using the PHP Selector of CloudLinux. With this feature, you can select which setting the user can modify, and what are the permited value (EX for file upload size, you can list 2M, 16M, 32M, 64M so the user can't go aboce 64M).

photo
2

This is absolutely something we'd love to provide with EasyApache4. I'd love to hear more feedback about things you'd like to see, restrictions on things that should be there, etc.

photo
2

Cloudlinux's approach for this is to allow admin to add control to anaything they want.


You can choose the type of choice (plain text box, dropdown etc.) this allows each hosting company to choose the values and allowed settings.

photo
1

With CloudLinux, locking these directives are a bit easier since it's done through the chroot. Without this chroot, it's a lot harder to have these directives 'locked', as we have to rely on the PHP handler to do the proper locking.

photo
1

Dear,


i would not allow changing in PHP.ini by the end user directly from their cPanel.

I don't think it's safe or reliable (what if a customer set to unlimit the upload values).


Instead i think it's a good idea having an editor per user in order to tune up for user without using that nightmare of includes everytime (apache includes).

photo
1

Users can technically still change php.ini directives via ftp, ssh, cPanel file editor, etc. We'd be providing a dedicated UI to make this easier.


If we included a feature toggle to disable this for your users, would that be a sufficient solution?


When you say 'tune up', I take it that you're looking for an easy way to make Apache adjustments for specific virtual hosts? Could you could expand on some of the things you are wanting to change for specific users?

photo
2

Hi Jacob,


if an account get hacked, the first first thing that is changed is the "php.ini" in the public_html.

This is done in order to escalate privileges, remove disabled functions limits and raise memory limits.

One of the best practice to hardening the web server is to do not allow php.ini modification by FTP.


Then USERS's php.ini should be saved OUTSIDE from the documentroot of the customer, they should not be allowed to directly modify these settings.


However customization in the hand of the root/admin/reseller must be always possible.

I have customers that require different memory limits, magicquote, error handling and so on.

If they "give a call" to our support we filter their request and setup their own PHP.ini following their needs.


If you want to give to USER possibility to change settings in their own cpanel, that's fine but:

- only by cpanel not FTP/SSH

- only safe options that cannot hurt the server


I think this can be usefull.

photo
4

We've been working on this for the past few weeks, and you'll see this in 11.52 with EasyApache 4 enabled!

photo
1

Go Jacob GO!!!!! ;)

photo
1

EasyApache 4 is now in EDGE, and included with it is the new MultiPHP INI Editor for both WHM & cPanel.

photo
1

This is FANTASTIC news!

photo
1

EasyApache 4 has been released to the CURRENT tier, which includes the new MultiPHP INI Editor for both WHM & cPanel

Replies have been locked on this page!