Portal Home > Knowledgebase > Articles Database > WHM / CSF


WHM / CSF




Posted by LynxUser, 07-24-2010, 08:32 AM
Hello and good day to you all ! I'am currently setting up a new server, Using CSF too. I see this option within the settings: PHP register_globals is considered a high security risk. It is currently enabled in /usr/local/cpanel/3rdparty/etc/php.ini and should be disabled (disabling may break 3rd party PHP cPanel apps) I am trying to edit this but it says I don't have permission, But before the edit when I login to the file, I see this at the top: Do I run this first or... As I don't want to edit or run incase it does somethingterrible. Thanks.

Posted by HelpOps, 07-24-2010, 09:35 AM
In WHM, navigate to your PHP Configuration Editor and disable register_globals

Posted by LynxUser, 07-24-2010, 09:40 AM
This is off - But when I go to WHM > CSF > Check security I see: Its ON: PHP register_globals is considered a high security risk. It is currently enabled in /usr/local/cpanel/3rdparty/etc/php.ini and should be disabled (disabling may break 3rd party PHP cPanel apps) Using litespeed by the way !

Posted by madaboutlinux, 07-24-2010, 10:03 AM
The WHM >> "PHP Configuration Editor" edits the php.ini file that is used by all the accounts on the server and not by cPanel. cPanel uses it's own php.ini located at /usr/local/cpanel/3rdparty/etc/php.ini and cannot be edited from the above option. SSH to your server as user "root" and edit the file Search for "register_globals" and change ON to Off. Once done, save the file and execute the command on shell itself Thats it.

Posted by LynxUser, 07-24-2010, 10:39 AM
I can open the file and change but when I do ctrl + x to save I get permission denied. Last edited by LynxUser; 07-24-2010 at 10:43 AM.

Posted by xeonfan, 07-24-2010, 05:33 PM
Are you sure you are running this as root/superuser ?

Posted by LynxUser, 07-24-2010, 05:56 PM
Yes Im 100% sure

Posted by PTWS, 07-24-2010, 07:49 PM
File is probbably chattr +i. Do a chattr -i and try again

Posted by LynxUser, 07-25-2010, 07:04 AM
You lost me there friend, What do you mean ? Can you explain properly.

Posted by madaboutlinux, 07-25-2010, 07:44 AM
When the 'i' attribute is set to a file, it means immutable. You can open the file to edit but cannot save changes. You can check these attributes by executing the command If you see the output as which means attribute is set and you need to remove it. Then remove the attribute Once done, you can now edit the file and make the changes. Don't forget to set the attribute back

Posted by LynxUser, 07-25-2010, 07:49 AM
when running the following it shows: output:

Posted by madaboutlinux, 07-25-2010, 07:54 AM
Just replace 'i' with 'a' chattr -a /usr/local/cpanel/3rdparty/etc/php.ini

Posted by LynxUser, 07-25-2010, 08:02 AM
So what I did was exectute: Edit the file via: And turn the globals off: I then ran: It done something And I then run: The comment has now gone from CSF, I assume it was right ! If so thanks your your help, Its kindly appreciated !

Posted by madaboutlinux, 07-25-2010, 08:05 AM
Right, it worked

Posted by LynxUser, 07-25-2010, 08:09 AM
Thanks yet again - May I throw you a few more questions regarding CSF and what to do ? Thats if you have enough time and your not to busy. CSF: score 11/12f Red ones show: Last edited by LynxUser; 07-25-2010 at 08:15 AM.



Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
DNS, 1&1 and Google (Views: 549)
under ddos (Views: 569)