Unable to enable allow_url_fopen and allow_url_include
Hello,
We've recently switched to PHP 7.1 as the system default and, as expected, there are some clients who have issues with their scripts after this change. One of our clients is unable to enable allow_url_fopen and allow_url_include via MultiPHP.
We use the following software combination:
- LiteSpeed Web Server (latest version, 5.3.4)
- CloudLinux 7
- CloudLinux PHP Selector and CageFS
- cPanel v76.0.8
- PHP 7.1 as the system default version
- lsapi as the PHP handler for all versions
I've enabled allow_url_fopen and allow_url_include via MultiPHP INI Editor and assured that it's set as enabled in the .htaccess, .user.ini, and php.ini files. Despite this, these options show up as disabled in phpinfo.
Switching to PHP 7.1 via CL PHP Selector and enabling the options there works just fine. It's only the PHP version of cPanel MultiPHP Manager that doesn't seem to apply these options.
Do you have any suggestion why?
Thank you in advance!
-
Hello @MH-Stefan, - lsapi as the PHP handler for all versions
Can you verify if lsapi_enable_user_ini is set to "On" in the /etc/apache2/conf.d/lsapi.conf file? This option is documented at: CloudLinux Documentation Thank you.0 -
I would be really careful allowing allow_url_include It can become a major security issue. 0 -
Yes, lsapi_enable_user_ini is enabled. Maybe lsapi_user_ini_homedir is required, too?
Hello @MH-Stefan, Yes, you may need to enable lsapi_user_ini_homedir as well. However, as noted in the previous posts, it's important to understand the security implications of doing so. I encourage you to vote and add feedback to the following feature request if you'd like to see a supported integration: Make MultiPHP INI Editor work with mod_lsapi Thank you.0
Please sign in to leave a comment.
Comments
4 comments