Want to subscribe to topics you're interested in?
Become a Member

PHP-FPM exec PHP and shell_exec PHP function

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by Sunka, Oct 6, 2016.

  1. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    2:29 AM
    Nginx 1.13.3
    MariaDB 10.1.24
    For image optimisation with this addon, exec PHP and shell_exec PHP function need to be enabled.
    How to see is it enabled, and if is not, how to enabling it?

    Is it safe to that two function be enabled?
     
  2. hitman

    hitman Member

    115
    9
    18
    Jul 18, 2014
    Ratings:
    +13
    Local Time:
    3:29 AM
    hello
    you can check your php-fpm.conf file for these functions in this path
    Code:
    /usr/local/etc/php-fpm.conf
    shortcut for this is fpmconf and it opens with nano.

    you can find php_admin_value[disable_functions] near the end.

    regarding if it is safe or not, do not quote me on this but i believe it has to do with what you are running on your server.
    if somehow you can give permissions to execute these functions only by the script you need then it could be safer i think
     
    • Like Like x 1
    • Informative Informative x 1
  3. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    2:29 AM
    Nginx 1.13.3
    MariaDB 10.1.24
    I can see only for shell_exec php-fpm.conf, not for another one exec PHP

    Code:
    php_admin_value[disable_functions] = shell_exec
    To enable, I just deleteshell_exec, so that row will be:
    Code:
    php_admin_value[disable_functions] = 
    or just to comment out that row?

    What about another one variable?
     
  4. eva2000

    eva2000 Administrator Staff Member

    30,194
    6,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,144
    Local Time:
    10:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    yup @hitman directions are correct, only shell_exec is disable via php-fpm.conf so need to re-enable it by removing the entry and check your phpinfo file to see
     
    • Like Like x 1
  5. eva2000

    eva2000 Administrator Staff Member

    30,194
    6,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,144
    Local Time:
    10:29 AM
    Nginx 1.13.x
    MariaDB 5.5
  6. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    2:29 AM
    Nginx 1.13.3
    MariaDB 10.1.24
    Also, trying to find is PHP proc_open enabled or disabled on my server.
    I can not find it in php.ini nor other php conf file.
    So it is enabled or...?
     
  7. eva2000

    eva2000 Administrator Staff Member

    30,194
    6,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,144
    Local Time:
    10:29 AM
    Nginx 1.13.x
    MariaDB 5.5
    if not set in disable_functions listing in phpinfo output, then not disabled

    also if a function is disabled and set in disable_functions, and your php script requires the function, it will log into nginx error log that disable_function is attempting to be used

    i.e. attempting to run shell.php with shell_exec command when it's set in disable_functions
    Code (Text):
    2016/10/06 00:19:21 [error] 14781#14781: *1 FastCGI sent in stderr: "PHP message: 
    PHP Warning:  shell_exec() has been disabled for security reasons in shell.php on line 2"
    while reading response header from upstream, client: ip, server: centos7.localdomain, request: "GET /shell.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "hostip"
     
    Last edited: Oct 6, 2016
    • Informative Informative x 1