I'm using CentOS 5, Cpanel/WHM with php as cgi, when i try to put a php.ini file to to custom php for one account and it overwrite main setting on our server, someone use this bug to run c99 and try local attack other account, i've try fix this problem by edit /opt/suphp/etc/suphp.conf and set phprc_paths to /usr/local/lib/. But when i do this, php.ini in my custom account doesnt work any more... How can i custom php for one account and it not effect to main setting to prevent local attack ?
P/S: I've tried with mod_security and help prevent prevent alot of, but not all. Sorry my english not good
Last edited by VIETHOSTING; 05-18-2008 at 04:23 PM.
VIETHOSTING.VN - Dịch vụ Hosting, Tên miền, Email Hosting, Cloud VPS, Máy chủ tại Việt Nam