php.ini file path to disable php functions for security

[befree22]

Disable php functions for security

I read the 2 articles below about dangerous php functions and how to disable them.

http://stackoverflow.com/questions/1865020/php-how-to-disable-dangerous-functions
http://www.cyberciti.biz/faq/linux-unix-apache-lighttpd-phpini-disable-functions/

Could someone tell me which php.ini file I need to add the following code to inside Kloxo-MR?

Here's the code I want to add to the correct php.ini file:

Code: [Select]

disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source

Code: [Select]

allow_url_fopen=Off
allow_url_include=Off
FYI: I have a php.ini file that shared hosting provider added to the root folder of my Wordpress but I doubt this is the correct location in Kloxo-MR. The web hosted added the wrong code to the php.ini and I only noticed it today.

Thanks

[sIiiS]

no need to edit your php.ini

go to your panel, click on "Advanced PHP Configure" and in this form you can see "Disable Functions" ... so disable anythings you need !

[chrisf]

Not if using php-fpm, per domain/client advanced php doesn't work.  If you edit it as admin, it will edit the correct one, and set it server wide.

Eitherway, to answer your question.  /etc/php.ini