HelioHost Posted February 23, 2019 Posted February 23, 2019 Username: astron, Server: Tommy, Main domain: astron.heliohost.org Some of the things that I have discovered and that could be changed orgiven the possibility of changing to the user through cpanel.The firstirst - Public Display of PHP Errors EnabledThe server is set to display PHP errors. This is not recommended forproduction environments as it may cause sensitive information to bepublicly disclosed. You should contact your hosting provider or systemadministrator and ask them to set the display_errors PHP setting to Off. The second - it appears if to use php 7.2...There are enabled such a functions, what would be better, if they aredisabled by default and there is possible turn on if they are reallyneeded. Here are these functions:exec, system, pcntl_exec, popen, proc_open, shell_execIf possible, please add them to the disable_functions PHP setting.Sorry, if I'm wrong.11/02/2019All errors are still there. *Kalju kaljukass@gmail.com *
Krydos Posted February 23, 2019 Posted February 23, 2019 Errors are intentionally enabled. New users have a lot of trouble debugging php errors and having the errors displayed makes it a little easier for them. Advanced users can disable errors being displayed for additional security if they wish in their scripts. Thanks for noticing that those functions were enabled. We always keep them disabled, but for some reason cpanel sometimes re-enables them without any warning. They've been disabled again.
Recommended Posts