• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Disable safe mode in PHP

hey ad7742, I can't get your fix to work. at the begining when you say to do this:

"cd /home/httpd/vhosts/DOMAINNAME/conf
touch vhost.conf
chmod 777 vhost.conf
exit"

this doesn't change the permissions, I still don't have access to the conf file.

I don't know what I'm doing wrong.

after I type in "cd /home/httpd/vhosts/DOMAINNAME/conf " the prompt changes to reflect this change.

when I enter these:

"touch vhost.conf"
"chmod 777 vhost.conf"

nothing really happens, there is not error message or anything saying I typed something in wrong, and I also don't get any kind of confirmation that something has been changed etc. so I don't know if anything is actually being changed

i'm desperate for help, I willing to pay someone to help me set this up
 
Using a combination of ad7742's instructions and the following KB article, I was able to get this to work:

http://kb.swsoft.com/article_19_1345_en.html

after I created the vhost.conf file using touch, I just edited it using vi but I put the following text from the KB:

<Directory /home/httpd/vhosts/forums.gouranga.com/httpdocs>
php_admin_flag safe_mode off
</Directory>

and then ran

/usr/local/psa/admin/sbin/websrvmng -a -v

and then restarted Apache. I only got this to work on 7.5.4 after using a combination of both sets of instructions. For some reason, I couldn't get either on their own to work. Thanks for all the help.

Originally posted by ad7742
Note that the following instructions do need _some_ familiarity with Linux (which you admit you don't have, so be careful!). They should work fine, but if anything goes wrong or you get the syntax incorrect, then Apache will not restart. I have added instructions at the bottom for how to remedy this worst-case scenario. I would STRONGLY suggest reading this whole post several time to ensure you understand what's going on before undertaking the task!

Firstly, do not edit httpd.include. This will simply be overwritten by Plesk.

The correct way to do this is to create a new file called vhost.conf in the conf folder, and put the changes in there.

PuTTY into the server and type this:

cd /home/httpd/vhosts/DOMAINNAME/conf
touch vhost.conf
chmod 777 vhost.conf
exit

(Obviously replace DOMAINNAME with the relevant domain name)

The chmod command allows you to edit the vhost.conf file via FTP, so you can use any text editor you like. :) Do make sure you save the file in UNIX mode, not DOS.

Next, edit that file so that it contains the following:

<Directory /home/httpd/vhosts/DOMAINNAME/>
php_admin_value safe_mode 1
</Directory>

Next you will need to make sure that this file is read in by Apache when it restarts. Those nice people at Plesk have made a script to do this. PuTTY back into the server and type the following:

/usr/local/psa/admin/bin/websrvmng -a

That command tells Plesk to reconfigure Apache to read in your vhost.conf file (for those of you who are interested, it tells Plesk to edit the httpd.include file so that that file automatically includes the vhost.conf file!). Next you must restart Apache. On RedHat you type:

/etc/rc.d/init.d/httpd restart

If Apache doesn't restart properly then something has gone wrong! Your web server is now not functioning, so we need to sort that out! To do this, firstly we must remove the vhost.conf file (which is presumably where the error is). To do this, type in:

rm /home/httpd/vhosts/DOMAINNAME/conf/vhost.conf

Now we must tell Apache to ignore that vhost.conf file, so re-run that command that reconfigures Apache:

/usr/local/psa/admin/bin/websrvmng -a

Finally restart Apache:

/etc/rc.d/init.d/httpd restart

There. Fixed. Now re-read these instructions and try again! :)

FYI If you want to have safe mode off for the HTTPS version of the site, repeat the above instructions word-for-word, but make the name of the conf file "vhost_ssl.conf". To clarify, if you wanted safe mode off for both HTTP and HTTPS requests, your conf folder would contain three files:

httpd.include
vhost.conf
vhost_ssl.conf

(Actually, it may also contain httpd.include.bak, made by Plesk...)

I hope the above is useful to someone. Any questions, put a post here.

Finally, I would strongly suggest never turning off safe_mode if your client has FTP access. They could install a PHP script and gain SSH access to your server.

[ cheers for the suggestion regarding the restarting Apache, Gerhard ] :)
Click to expand...
 
You must log in or register to reply here.

Similar threads

Stergios G
Resolved Error: Unable to retrieve information about the PHP configuration
Replies
2
Views
255
Stergios G
Stergios G
E
Resolved How can I disable "Dedicated FPM application" but still allow user to change PHP version?
Replies
2
Views
454
enduser
E
R
Resolved New Plex server, homepage works, but all other files/directories won't.
Replies
1
Views
107
Reflux8731
R
A
Question Assistance Needed: Setting Up Reverse Proxy for Joplin Server on Plesk VPS
Replies
0
Views
456
alborworld
A
H
Issue Plesk hs following a false manipulation
Replies
10
Views
598
Peter Debik
P
Back
Top