Elxis CMS Forum
Support => Installation => Topic started by: jimmyz on May 08, 2009, 12:13:26
-
Tried to install the brand new Pandora version of Elxis. On step 1 (Pre-installation check), Recommended settings adviced me to correct some things in my .htaccess, in order to set php: Display Errors, Register Globals, Allow URL fopen, Short Open tag. Also, a recommendation was made for disabling system, exec, passthru, shell_exec, suexec, dbmopen, popen, proc_open, disk_free_space, diskfreespace, set_time_limit, leak functions.
So, I opened .htaccess (in Kwrite) and I added in the beggining of the file:
php_flag display_errors Off
php_flag register_globals Off
php_flag allow_url_fopen Off
php_flag short_open_tag Off
php_value disable_functions system, exec, passthru, shell_exec, suexec, dbmopen, popen, proc_open, disk_free_space, diskfreespace, set_time_limit, leak
I refreshed the step one page:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, xxx@mail.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
My error log was saying:
[Fri May 07 01:55:00 2009] [alert] [client xx.xx.xx.xx] /home/.../public_html/.htaccess: php_flag takes two arguments, PHP Flag Modifier
[Fri May 07 01:55:00 2009] [alert] [client xx.xx.xx.xx] /home/.../public_html/.htaccess: php_flag takes two arguments, PHP Flag Modifier
[Fri May 07 01:55:00 2009] [alert] [client xx.xx.xx.xx] /home/.../public_html/.htaccess: php_flag takes two arguments, PHP Flag Modifier, referer: http://sitename.org/installation/index.php
[Fri May 07 01:55:00 2009] [alert] [client xx.xx.xx.xx] /home/.../public_html/.htaccess: php_flag takes two arguments, PHP Flag Modifier, referer: http://sitename.org/installation/index.php
Googled for a while, and found out that the fifth directive should not include the spaces between the functions, as it is shown on the installation page. Do not just copy/paste. Remove the spaces. Like:
php_value disable_functions system,exec,passthru,shell_exec,suexec,dbmopen,popen,proc_open,disk_free_space,diskfreespace,set_time_limit,leak
Note1: Although allow_url_fopen was set to Off, installation page kept saying it is not. Why?
Note2: php_flag name = on|off, didn't work, too. Correct is: php_flag name on|off
Hope it is not just me :)
Thank you Elxis Team for this new, fully functional version!
-
The installer reads the php.ini value. You better tell your hosting provider to apply these settings in the server's php.ini rather than putting them in an htaccess file. These PHP's directives are safe to be disabled and unsafe to not be disabled.
-
ask your provider to setup this for you...
error 500? perhaps on suphp ?
if yes then you can't use php_flag...
i have started an article on wiki exactly for those people that asking for max security and how to setup php for this perpose...
hoping to finished it soon!
-
This was a local installation case. But, I tried to change these directives through .htaccess, because, when it is online, one can move more freely with it (.htaccess). The server that hosts me is a shared one, running apache. register_globals, display_errors, short_open_tag, did obey the .htaccess. Why allow_url_fopen didn't?
This is just an academic question. On my live site, running elxis 2008 - nemessis, I had asked from my host to do the changes.
Thank you all.
-
you can use use the .htaccess file in order to modify url_fopen only in PHP <=4.
As for php5 you might want to ask your provider to allow_url_fopen = On in your account only (your OWN php.ini) or modify that directly in your account server php.ini if you have access to.