How to enable safe mode for php.ini in Xampp?
I just note that you have not filled in safe_mode_exec_dir and I hope that you've defined open_basedir. For multiple directories, be sure to separate the paths with a semi-colon and double quote the whole path string. For example:
safe_mode= Onsafe_mode_exec_dir= "F:\WWW\HTML;F:\batfiles\batch"
open_basedir= "F:\WWW\HTML;F:\batfiles\batch"
Also from the PHP manual :
Safe Mode is deprecated in PHP 5.3.0 and is removed in PHP 6.0.0.
From the same source:
for NT (IIS) each virtual host can run from different user account, so there is no need in Safe Mode restrictions at all, if proper NTFS rights are set.
Related videos on Youtube
02 : 11
02 : 26
01 : 10
06 : 36
04 : 33
rzlines
Computer Software and Hardware Enthusiast! Windows SuperUser and Linux newbie ;) Have recently proposed a site on area51, to cater to technology related recommendations. The objective is to allow users to request for recommendations for any sort of technology related service or product that they have not been able to identify by themselves and need guidance to find the most suitable one for their needs. Care to take a look? Feel free to join the project.
Updated on September 17, 2022Comments
-
rzlines over 1 year
I want to put my home server online for private use (using Xammp), so i need to put safe mode on (my OS is Windows XP)
So i changed the congif of php.ini in the php folder located in xampp to this:
Safe Mode ; safe_mode = On ; By default, Safe Mode does a UID compare check when ; opening files. If you want to relax this to a GID compare, ; then turn on safe_mode_gid. safe_mode_gid = On ; When safe_mode is on, UID/GID checks are bypassed when ; including files from this directory and its subdirectories. ; (directory must also be in include_path or full path must ; be used when including) safe_mode_include_dir = ; When safe_mode is on, only executables located in the safe_mode_exec_dir ; will be allowed to be executed via the exec family of functions. safe_mode_exec_dir = ; Setting certain environment variables may be a potential security breach. ; This directive contains a comma-delimited list of prefixes. In Safe Mode, ; the user may only alter environment variables whose names begin with the ; prefixes supplied here. By default, users will only be able to set ; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). ; ; Note: If this directive is empty, PHP will let the user modify ANY ; environment variable! safe_mode_allowed_env_vars = PHP_ ; This directive contains a comma-delimited list of environment variables that ; the end user won't be able to change using putenv(). These variables will be ; protected even if safe_mode_allowed_env_vars is set to allow to change them. safe_mode_protected_env_vars = LD_LIBRARY_PATHBut i still get PHP is NOT running in "safe mode", now i don't wanna put my server online before this happens can anyone tell me how to correct this error i have googled it but it has not helped
Also please suggest any other security measures/ configurations that i should take/change before putting it online
-
DaveParillo over 14 years+1 good answer, but safe mode is (today) applicable to xampp
-
Mau España about 3 yearsHow can I do that on Mac os X?
