Plesk

How to prevent filesystem browsing with php shell scripts?

Question

A PHP shell script was uploaded under the home directory of a subscription.

How to prevent filesystem browsing with php shell scripts?

Answer

It's possible to disable shell_exec and other functions in PHP by using the disable_functions directive.

Warning: Applications may rely on these functions and may not work properly when restrictions are applied.

For Plesk Onyx 17.8 and newer

  1. Log in to Plesk

  2. Navigate to Domains > example.com > PHP Settings

  3. Set disable_functions to the following value:

    opcache_get_status,exec,passthru,shell_exec,system,proc_open,popen

    Note: To set the restriction to multiple domains at once, this value can be specified in Service Plans > <service_plan> > PHP Settings > disable_functions, or to apply it server-wide, in panel.ini as settings.performance.disable_functions

For Plesk Onyx 17.5 and older

  1. Log in to Plesk

  2. Navigate to Domains > example.com > PHP Settings

  3. Add the following line under Additional configuration directives and apply the changes:

    disable_functions=opcache_get_status,exec,passthru,shell_exec,system,proc_open,popen
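To confirm that the setting took effect for a domain, a script like the following can be requested once through that domain's PHP handler. It is an added example, not part of the original article or Plesk's own code; the file name check_disabled.php and the helper missing_disabled() are hypothetical.

```php
<?php
// check_disabled.php (hypothetical name): added example, not Plesk code.
// Request it through the domain's web server so it reports the PHP
// configuration the site actually runs with, not the CLI's.

// Functions the article lists for disable_functions.
const REQUIRED_DISABLED = [
    'opcache_get_status', 'exec', 'passthru', 'shell_exec',
    'system', 'proc_open', 'popen',
];

/**
 * Return the entries of $required that are absent from a
 * disable_functions value (helper name is an assumption).
 */
function missing_disabled(string $iniValue, array $required): array
{
    // Split on commas and whitespace, dropping empty entries.
    $disabled = preg_split('/[\s,]+/', $iniValue, -1, PREG_SPLIT_NO_EMPTY);

    // Names are compared exactly; the required list is lowercase.
    return array_values(array_diff($required, $disabled));
}

// ini_get() returns false if the directive is unknown; treat that as empty.
$active  = (string) ini_get('disable_functions');
$missing = missing_disabled($active, REQUIRED_DISABLED);

header('Content-Type: text/plain');
if ($missing === []) {
    echo "OK: all listed functions are disabled\n";
} else {
    // A non-200 status lets a monitoring check flag the domain.
    http_response_code(500);
    echo "NOT disabled: " . implode(', ', $missing) . "\n";
}
```

Delete the script from the domain after the check.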
