Securing PHP through WHM

Bare Metal Servers and Cloud Server Hosting

InetServices offers both Windows and Linux bare metal server hosting, and cloud server hosting for any small to medium size business. We also offer both PCI and HIPAA Compliant servers allowing you to achieve PCI or HIPAA Compliance without all the worries of figuring it out. InetServices offers much more than just dedicated servers and cloud servers, we offer you a complete solution to your hosting needs including Big Data, Disaster Recovery, and High Availability services.

1. Log on to your WHM as root.
2. Go to Service Configuration section.
3. Click on PHP Configuration Editor
4. You can configure various PHP security and performance tweaks

If you have many users running different php scripts at the same time, you should keep the following variables to a minimum value to deliver optimum performance to all users. If you run a server with only power users who need to use the applications heavily and deal with huge file uploads, then you can set the limits to higher values.
•
• max_execution_time
• upload_max_filesize
• memory_limit
• max_input_time

As far as security tweaks are concerned, keeping register_globals globally turned OFF will add to server security. If some scripts require it turned ON, you could turn it ON separately for the owner of the script using a php.ini file and add the following directive into the file:
• register_globals = On
Also, you can keep safe_mode ON for php, which disables many vulnerable functionality of PHP.
Click Save

You can enable php-openbase-dir for enhancing php security:

1. Log on to your WHM as root.
2. Go to Security Center section.
3. Click on PHP open_basedir Tweak
4. Activate Enable php open_basedir Protection

Bare Metal Servers and Cloud Server Hosting

Securing PHP through WHM
Home / Cloud Server Hosting / Securing PHP through WHM

Leave a Reply Cancel reply