Jump to content
DJAx3L

Secure from PHP shells

By DJAx3L, in Tutoriale in engleza

Recommended Posts

DJAx3L Newbie

DJAx3L

Posted
Posted (edited)

PHP shells are a big threat to servers, as many hackers use them to run commands on a server. In this tutorial you will find out how to turn the safe mode on, because it restricts and disables the dangerous functions in PHP from the scripts like PHP Shell that can cause damage to your server.

Things you have to do before you start:

1.] Make a backup of php.ini [ just incase ]

2.] Find the path to php.ini

3.] Login root account in your shell

Let's start:

1.] Open "php.ini" in pico editor.

[ pico /usr/local/lib/php.ini ]

2.] Find "safe_mode".

[ Ctrl + W and type "safe_mode" ]

3.] Change:

[ "safe_mode = Off" to "safe_mode = On" ]

4.] Find "disabled_functions".

[ Ctrl + W and type "disabled_functions" ]

5.] Add the following functions:

[ system, exec, shell_exec, passthru, pcntl_exec, putenv, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, popen, pclose, set_time_limit, ini_alter, virtual, openlog, escapeshellcmd, escapeshellarg, dl, curl_exec, parse_ini_file, show_source ]

6.] Save the file.

[ Ctrl + X then Y ]

7.] Restart Apache web server.

[ /etc/init.d/httpd restart ]

Edited by wvw

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...