Chat with us, powered by LiveChat
How to enable/disable php safe_mode globally & locally

How to enable/disable php safe_mode globally & locally


PHP safe_mode is very important in terms of server security because it restricts and disables the dangerous functions in PHP from the scripts like PHP Shell that can otherwise cause damage to your server and client Sites. PHP safe mode is an attempt to solve the shared server security problem. It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web server and OS levels aren’t very realistic, many people, especially ISP’s, use safe mode for now. When using PHP as an Apache module, you can also change the configuration settings using directives in the Apache Web Hosting configuration files (e.g. httpd.conf), php.ini file and .htaccess files.

Activate/deactivate Safe Mode Globally

It is very simple to activate safe mode on the entire server. All you need to do is just edit the php.ini file. If you can’t find where php.ini is or have multiple copies on your server the best thing to do is run the following command on the shell:
#php -i | grep php.iniA few lines down you’ll see this:
Configuration File (php.ini) Path: /usr/local/Zend/etc/php.ini or /etc/php.ini1) Open up php.ini .
vi /path to php/php.ini (replace with the path to your php.ini file)

2) Find the following line: safe_mode

3) Turning safe mode on or off.
safe_mode = Off
You may active it by or turn it off by changing it to either On OR Off.
safe_mode = On

4) Restart the Apache web server by
/etc/init.d/httpd restart or Kill all exiting httpd connection and run
service httpd startssl

Activate/deactivate Safe Mode Using Per Site Basis ie. Activate/deactivate Safe Mode locally

There are some applications or scripts that require safe_mode off like Modernbill and galleries etc, or any other script doesn’t work well with safe_mode. It is not a good idea to disable safe_mode on the entire server just for these application or scripts; in this situation you can disable php safe mode locally i.e for that particular site or account only.

There are two way to do this

A] In httpd.conf file

1] Then find the httpd.conf, normally it’s in /etc/httpd/conf/ or /usr/local/apache/conf/

2) Then find the Site you wish to edit.
You should see the virtualhost configuration of that Site

ServerAdmin [email protected]
DocumentRoot /home/domain/public_html
BytesLog domlogs/
User domain
Group domain
CustomLog domlogs/ combined
ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/

3) Now add this line:

php_admin_flag safe_mode Off
php_admin_value safe_mode 0

4] Save the file and Restart the Apache web server by running the following command:

service httpd restart

B] .htaccess file

1]Find the .htaccess file under public_html folder or that particular application ,scripts folder of that site if it is not present then create .htaccess file

# vi .htaccess

2] Insert this line into your .htaccess file:

php_admin_flag safe_mode Off
php_admin_value safe_mode 0

There are several Apache directives that allow you to change the PHP configuration from within the Apache configuration file itself.

php_value name value
This sets the value of the specified variable.
php_flag name on|off
This is used to set a Boolean configuration option.

php_admin_value name value
This sets the value of the specified variable. “Admin” configuration settings can only be set from within the main Apache configuration files, and not from .htaccess files.
php_admin_flag name on|off

Like this post ?

Share on your Social Networking Profile ( Facebook, Twitter & Google+ ) and get a flat 10% Recurring discount on our VPS Hosting and Dedicated Servers.

Email us the shared link at : [email protected] or speak to our live chat operator now, by clicking on the “Live Chat” Scroller on the left-hand side of this page and we will provide you with the discount Coupon right away!



Leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.