WHM

Disable dangerous PHP functions on your web hosting server

Not dangerous by design, some PHP functions can be used for malicious purposes. Many web hosting providers choose to disable such functions. Some of the functions are: apache_child_terminateapache_get_modulesapache_noteapache_setenvdefine_syslog_variablesdisk_free_spacedisk_total_spacediskfreespacedlescapeshellargescapeshellcmdexecextractget_cfg_varget_current_usergetcwdgetenvgetlastmodgetmygidgetmyinodegetmypidgetmyuidini_restoreini_setpassthrupcntl_alarmpcntl_execpcntl_forkpcntl_get_last_errorpcntl_getprioritypcntl_setprioritypcntl_signalpcntl_signal_dispatchpcntl_sigprocmaskpcntl_sigtimedwaitpcntl_sigwaitinfopcntl_strerrorppcntl_waitpcntl_waitpidpcntl_wexitstatuspcntl_wifexitedpcntl_wifsignaledpcntl_wifstoppedpcntl_wstopsigpcntl_wtermsigphp_unamephpinfopopenposix_getloginposix_getpwuidposix_killposix_mkfifoposix_setpgidposix_setsidposix_setuidposix_ttynameposix_unameposixcproc_closeproc_get_statusproc_niceproc_openproc_terminateps_auxputenvreadlinkrunkit_function_renameshell_execshow_sourcesymlinksyslogsystem For more details on these functions please search the PHP site at…

Continue ReadingDisable dangerous PHP functions on your web hosting server

Whitelist Google, Bing, Yahoo, Yandex, Baidu bots in csf and mod_security

ConfigServer Security & Firewall or csf for short is a popular firewall solution for cPanel servers. Combined with some good rules for mod_security, it does a great job. To prevent csf temporary/permanently blocking the IPs of good bots you should…

Continue ReadingWhitelist Google, Bing, Yahoo, Yandex, Baidu bots in csf and mod_security