ini_set() disabled but error with pear

jonium

jonium

Verified User
Joined
Nov 10, 2010
Messages
208
Location
Alezio - Lecce- Apulia - South Italy
Hello,
I recently migrated some hostings from an old debian box with DA to a Centos one with DA, CB 2.0 plugin, suhosin, mod_php (5.5), mod_ruid2.
It seems that pear libs do not work because of this error:
PHP Warning: ini_set() has been disabled for security reasons in /usr/local/lib/php/pearcmd.php on line 31
I'd wish to left ini_set disabled for security, is there a way to fix it?

Thanks
 
Last edited:
Why do you think you need to disable ini set? enable it again.
 
Hello scsi,
following the instructions in the firewall check of CSF/LFD I went in php.ini and uncomment the raw of disable functions but in that raw there are more functions that in the CSF-LFD instructions... :eek:

Thanks
 
after removing ini_set from the disabled functions I re-run the firewall check and get:
Check php for ini_set disabled
You should consider adding ini_set to the disable_functions in the PHP configuration as this setting allows PHP scripts to override global security and performance settings for PHP scripts. Adding ini_set can break PHP scripts and commenting out any use of ini_set in such scripts is advised
... :confused:
It's a shared hosting server.
 
ini_set() disabled in phpmyadmin

hangxanh said:
this is an issue that I am interested.
thank you for sharing information.
Click to expand...

I have the same problem. Did you found any solution for this? If yes, can you share it please?
I am using CB 2.0 .
 
I think some of CSF/LFD's security advice can sometimes be a bit off. On my box it's complaining about a missing Apache binary, hence I'm getting a lower security score. I only have NGINX as a web server, so yes, there is no Apache binary. Is that a security risk? CSF/LFD also likes to look into the wrong Dovecot config at /etc/dovecot.conf (which I think shouldn't be there in the first place, but CustomBuild seems to put it back) to conclude that the cipher suite isn't strong enough. I wonder if it drills down the real (split) Dovecot config, but that's easy to test of course.
 
Last edited:
You must log in or register to reply here.
Back
Top