How to disable custom user.ini files in public_html for Easyapache 4
In a recent post on how to allow users to configure their custom PHP settings, we discussed the steps to enable custom php ini in cPanel servers with suPHP using EasyApache 4.
But in a shared server environment, it is usually not advisable to allow customers to have their own custom php.ini file to override the server wide settings.
To limit the resource usage per customer and to prevent them from overriding the default settings that may tamper with the server security, it is safer to disable this feature.
In our role as Outsourced hosting support specialists for web hosts, we usually disable the custom php.ini feature in servers and control the server wide PHP settings via the global php ini file.
Custom user.ini in cPanel servers
In cPanel/WHM servers, the script EasyApache is used to recompile Apache/PHP in the server and to customize the php.ini settings.
When the latest version EasyApache 4 was released, it came with many features such as PHP 7 support and custom PHP version per website.
The custom php ini files for users are saved in the “.user.ini” files in the document root of the website – the public_html folder – and the settings in it will be applied to all sub folders.
Today, we’ll see how to disable the custom user.ini files in public_html for cPanel servers running EasyApache 4.
Disable custom user.ini in cPanel servers using EasyApache 4
To disable the feature of users having their own custom user.ini file, the setting has to be changed in the server wide php.ini file.
As the latest Easyapache 4 allows multiple PHP versions, there is no single ‘/etc/php.ini’ for the global settings. The php.ini file location varies with the PHP version you have chosen for your cPanel server.
For example, for PHP 5.6, the php.ini file location is:
# php --ini Configuration File (php.ini) Path: /opt/cpanel/ea-php56/root/etc Loaded Configuration File: /opt/cpanel/ea-php56/root/etc/php.ini
Now, edit this ‘php.ini’ file, and un-comment the line to set the value for ‘user_ini.filename’ to empty. This will disable the feature for custom user.ini setting in the server.
;;;;;;;;;;;;;;;;;;;; ; php.ini Options ; ;;;;;;;;;;;;;;;;;;;; ; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" ;user_ini.filename = ".user.ini" ; To disable this feature set this option to empty value ;user_ini.filename =
Save the settings and restart Apache and you’re all good to go with the new PHP settings.
[ Focus on your core business without interruptions. Our tech support experts are here to manage your customers 24/7. ]
At Bobcares, our 24/7 server specialists constantly monitor all the services in the server and proactively audit the server for any errors or security issues in them.
This enables us to prevent a service downtime for our customers who are web hosts. If you would like to know how to avoid downtime for your customers and to secure your servers well, we would be happy to talk to you.