Comments (7)
Is there a way to detect when the FPM is in use automatically? It's be nice if it tried to detect that too (and maybe required a path to the conf file).
from iniscan.
Well, in my case, I simply gave the path to the php-fpm.conf file, but the report was the same as for php.ini, so the scanner has ignored the settings found there.
One problem is that those files contain several pools and each one can have different PHP settings, so it can be quite complex to report back. Each cell giving advice should have a note about the setting for each pool.
Per example, php.ini has no open_basedir setting, but each pool as a path so that users can't access files outside of their home directory
FAIL | WARNING | | open_basedir | [apps] Path is set, [special] Path is set, [php.ini] Warning...
from iniscan.
Hmm, interesting....I'll have to check that out. thanks for the heads up!
from iniscan.
Here is a template to give you an idea of what it looks like
[DOMAINNAME]
listen = /var/run/php5-fpm/DOMAINNAME.socket
listen.backlog = -1
listen.owner = nginx
listen.group = www-data
listen.mode=0660
; Unix user/group of processes
user = (THE USERNAME OF THE USER THAT OWNS THE SITE FILES)
group = www-data
; Choose how the process manager will control the number of child processes.
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500
; Pass environment variables
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
; host-specific php ini settings here
; php_admin_value[open_basedir] = /var/www/DOMAINNAME/htdocs:/tmp
The bit at the end is where all the custom PHP values will be added
from iniscan.
Are they always prefixed with that "php_admin_value"?
from iniscan.
You also have the boolean values
php_flag[display_errors] = off
from iniscan.
cool, thanks
from iniscan.
Related Issues (20)
- Add support for configuration dirs HOT 5
- The configuration file could not be found HOT 9
- security.limit_extensions ? HOT 4
- Add warning if soap.wsdl_cache_dir is not set for PHP <= 5.6.7 (or if it is set to /tmp at all)
- Show "Current value" column in the scan results table HOT 2
- Support for open_basedir containing more then one paths set HOT 4
- Domain expired HOT 4
- Problem installing on PHP 7 (ocramius/instantiator dependency) HOT 5
- dump of the running php deamon HOT 1
- Invalid argument supplied for foreach() by running iniscan show HOT 4
- incorrect results / false positives HOT 9
- soap.wsdl_cache_dir: False positive (directory name /tmp[...]) HOT 1
- JUnit XML output format for CI integration HOT 2
- Have an option for a non-dynamic HTML output filename / make html filename configurable
- imap_open
- Symfony console ^5.0 compatibility.
- Feature request - scan a folder where all .ini files are placed HOT 1
- Check version for session.hash_function
- PHP 7.4 compatibility: warning and error
- session.cookie_domain
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from iniscan.