• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Can't disable PHP safe_mode

IgorG,

I am on Plesk 9.5.3 (Debian Lenny x64) I am experiencing the same issue as the first poster. I'm going into "Web Hosting Settings" for a domain name and I'm using FastCGI and Disabling "PHP "safe_mode"" but when I look at a phpinfo page on that site it still says that safe_mode is still enabled!

Screenshot:

http://img708.imageshack.us/img708/4774/selection041.png

this command comes back with nothing:

grep -i safe_mode /var/www/vhosts/domainname.com/conf/httpd.include

I've manually searched the httpd.include file for safe_mode and there's nothing there about it.

I have also tried completely deleting the account and domain name and its entire folder and setting it backup from scratch but the issue still happens.

Please advice.

Thank you.
 
Last edited by a moderator:
Jorge,

Edit /etc/php.ini for the server (assuming you have root access to the server) and disable safe_mode.

For those running PHP in the default mode of "Apache Module", toggling the Safe Mode option in Plesk will still function. For those running PHP as FastCGI they will always have safe_mode off.

It's the only way to do it until Parallels implements custom php.ini files on a per domain basis with PHP over FastCGI.

Cheers,

Jordan
 
Alright... Thank you for your response. But is it really a good idea to disable safe_mode for -all- accounts on a shared hosting server? I couldn't find any conclusive answer on google on whether or not it was a good idea to do so. I know they are just completely removing safe_mode in PHP 5.3.x so maybe it really wasn't that important?
 
Jorge,

That may well be true. I look at it from two angles:

1. Most people want to play around with web apps (whether they use them on their site or not), and just about every web app requires safe_mode be disabled anyway. Additionally, using web apps with FastCGI provides better security than as an Apache module since they're locked to the permissions of their user account.
2. Plesk defaults the creation of domains to PHP via Apache Module (where the safe mode toggle functions) and Safe Mode being off anyway.

A client will choose FastCGI mode to avoid file permission problems after uploading files. In almost all cases, this problem occurs after using a web app that requires safe_mode be disabled anyway. Thus, just about everyone needing to use FastCGI will likely require safe_mode be disabled.
 
I just noticed that there is no /etc/php.ini...

a phpinfo page on that website shows the following:

Configuration File (php.ini) Path /etc/php5/cgi
Loaded Configuration File /etc/php5/cgi/php.ini

So I edited that file instead and set safe_mode to Off.
 
You must log in or register to reply here.

Similar threads

A
Issue issue with php pages
Replies
14
Views
2K
gulshan212
gulshan212
A
Question custom nginx config
Replies
6
Views
300
andyxyz
A
E
Question Optimize a high traffic website
Replies
5
Views
5K
ChristophRo
ChristophRo
T
Question PHP warning: Constant WP_DEBUG_DISPLAY already defined
Replies
6
Views
243
Kaspar
K
G
Question Can vhost template in Plesk be configured to wildcard IPs?
Replies
0
Views
438
GrZeCh
G
Back
Top