Portal Home > Knowledgebase > Articles Database > suhosin and .htaccess
suhosin and .htaccess
Posted by host plugin, 09-03-2007, 01:57 AM |
hi,
I just installed suhosin to setup some limits on one of my servers, everything works well. however, user can still remove these limits by adding php_value in .htaccess, which is not so good.
so I was wondering if there's any way to solve this problem? thx in advance
|
Posted by david510, 09-03-2007, 02:06 AM |
Try adding the following option inside the
section in virtualhost entry of the domain in httpd.conf file.
php_admin_flag engine off
|
Posted by host plugin, 09-03-2007, 10:08 AM |
so the only way to stop user overwritting my suhosin settings is to add the above lines? and if I have hundreds of users on my server I have to do this hundred times? is there any other way? thanks
|
Posted by host plugin, 09-03-2007, 11:26 AM |
nevermind, figured out, thanks
|
Posted by BizB, 10-10-2007, 07:00 AM |
can you please tell me how you did it ?
|
Posted by whmcsguru, 10-10-2007, 10:17 AM |
Firstly, you don't need to do this in every virtual host. You can instead add (before all hosts)
This should work well enough
Secondly, there is no reason to do this in the first place. Allowing individuals to change suhosin settings means that they can configure their site to their own needs. Suhosin CAN break websites, and they're obviously changing this value for a reason. If you want to lose your customer, by all means, make sure they can't change it.
Unlike suphp/phpsuexec, suhosin is meant to be able to be configured individually, to be able to fix the problems caused by suhosin on their website.
|
Add to Favourites Print this Article
Also Read