07 May

How to protect/secure php.ini with SuPHP?

Posted by admin     Category: cPanel Management

When Apache is compiled as CGI/SuPHP, it allows users to create their own php.ini file under their home directory and modify the php values as per their wish. This may increase security concerns on the server and hence to protect/secure php.ini in SuPHP enabled servers, force every user to use a common php.ini file.

This can be achieved by defining the path of php.ini using suPHP_ConfigPath. To force users to use existing server side php.ini file, create suphp_configpath.conf

# pico /usr/local/apache/conf/userdata/suphp_configpath.conf

and add the following lines

#just specify the path to the php.ini file directory
<IfModule mod_suphp.c>
<Location />
suPHP_ConfigPath /usr/local/lib/
</Location>
</IfModule>

Once done, save the file and rebuild the Apache configuration so it picks up the changes.

# /usr/local/cpanel/bin/apache_conf_distiller –update –main
# /usr/local/cpanel/bin/build_apache_conf

To verify the include files, execute:

/scripts/verify_vhost_includes

It will display the path to the .conf file you created. Restart the Apache service once

/scripts/restartsrv httpd

This will ensure all the users use the server side php configuration file. If you wish to keep the php.ini elsewhere, just change the value of “suPHP_ConfigPath” and follow the above steps.

(0) Comments
02 May

Fatal error: Call to undefined function mysql_connect()

Posted by admin     Category: Linux Administration

When PHP is not compiled with Mysql, you see the error

Fatal error: Call to undefined function mysql_connect() in filename.php on line xx

on your website though the database details mentioned in the configuration file are correct. In order to solve the problem, install the “php-mysql” package using yum

# yum install php-mysql

Once installed, restart the httpd service

# service httpd restart

To check if the package is installed properly, create a phpinfo.php file under your account with the following contents

<?php
phpinfo();
?>

and browse the phpinfo file.

http://yourdomainname.tld/phpinfo.php

You will see a separate Mysql section in the PHP information. Your website should no longer receive the “Call to undefined function” error message.

(0) Comments
Next Entries »