• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

PHP Safe mode settings

I

iggy

Guest
Some sites on my server are going to have to have PHP Safe Mode disabled, while the normal default is to have safe mode on. How dow I set this up with IIS? When I was using Apache on a Linux server, I could edit the httpd.conf file and add the php_value lines that I wanted to modify the defaults that are found in the php.ini file. I don't know where the equivalent is for IIS.

Any help would be great.
 
I switched to safe mode (C:\WINDOWS\php.ini) but then horde failed..

So I just disabled some functions as in linux..(system,exec,passthru,popen,shell_exec)
 
That may be what I have to do, but I would still prefer if there was some way to have different php.ini settings on a per domain basis. I want to lock down as many domains as I can as tight as I can.
 
You can. If you look at the \vhosts\webmail\ directory you will notice a php.ini file in there. This is used for horde, although the base settings are set in main \%systemdir%\php.ini you can set settings per domain. When you do this just set the php.ini file you create to be readable, writable by admin, and psa users, not the user for the domain so they can't edit it.
 
Thanks for the input, but I found another way.

I went to Plesk support with this question as well and this is what they sent me:

Yes, you can use custom php.ini in virtual domains. I've found that it's
possible also to use registry, but we have not yet checked it.

=====================
How the registry to do per-directory settings.

HKEY_LOCAL_MACHINE\SOFTWARE\PHP\Per Directory Values

Create keys for each directory, then add the entries. So if you're
website is at c:\inetpub\vhosts\DOMAIN, under the above key, add:

HKEY_LOCAL_MACHINE\SOFTWARE\PHP\Per Directory
Values\c\inetpub\vhosts\DOMAIN\

where \c\inetpub should be replaced with directory where virtual hosts
have been installed, DOMAIN is the domain name where custom PHP settings
are required.

=====================
Click to expand...

This works. I used it to turn off safe mode for a given domain.
in HKEY_LOCAL_MACHINE\SOFTWARE\PHP\Per Directory Values\c\inetpub\vhosts\somedomain.org I added the string value safe_mode and set the value to 0. Safe mode is now off locally for that domain while still on globally, just as it would appear when changing values in httpd.conf on an Apache server.
 
You must log in or register to reply here.

Similar threads

Stergios G
Resolved Error: Unable to retrieve information about the PHP configuration
Replies
2
Views
214
Stergios G
Stergios G
I
Issue Problem with Modsecurity 2.9. Error: Could not set variable "ip.brute_force_counter" and Could not set variable "ip.xmlrpc_counter" as the collection
Replies
1
Views
121
Peter Debik
P
H
Issue Plesk hs following a false manipulation
Replies
10
Views
574
Peter Debik
P
andreios
Issue Problem with excessive PHP opcache file caching
Replies
2
Views
215
andreios
andreios
LionKing
Resolved PHP Warning: parse_ini_file(): open_basedir restriction in effect
Replies
2
Views
374
LionKing
LionKing
Back
Top