Updated on June 14, 2024

How to harden PHP 7 and earlier versions using cPanel

PHP is the most widely used backend for most applications. PHP 8.0 was recently released with many new features. However, if your application still runs on PHP 7.0 or an earlier version, there are a few steps you can take to harden PHP for better security. This article shows how to configure PHP settings to reduce security issues with PHP 7 and below.

Checking the PHP version 

To check the PHP version, follow these steps:

  1. Log in to cPanel. If you do not know how to log in to your cPanel account, please see this article.
  2. Open the PHP Selector:
    • If you are using the Jupiter theme, on the Tools page, in the Software section, click Select PHP Version.
    • If you are using the Paper Lantern theme, in the SOFTWARE section of the cPanel home page, click Select PHP Version.
    If you do not see the Select PHP Version icon, your server does not support this feature.
  3. cPanel displays the current PHP version. Hostvento Hosting supports several PHP versions, from 4.4 to 8.0. To change the PHP version, in the Current PHP Version list box, select the version that you want to use. The new PHP version takes effect immediately.

Configuring PHP settings to harden PHP

To help harden PHP for better security, follow the steps below to update the recommended PHP settings:

  1. Click the Options tab to configure the PHP settings:
  2. cPanel displays the available options with default values. Any changes you make to the default values are automatically updated.

Setting individual PHP options 

Remote Connections Settings

  1. Remote content can be harmful, so it is best to configure the fopen wrappers to load only local content. To allow fopen wrappers to load only local content and not open remote URLs, clear the allow_url_fopen and allow_url_include check boxes.

Script processing time

  1. A well-written PHP script should take at most about 30 seconds to run. We recommend setting both the max_input_time and max_execution_time parameters to 30 seconds: change max_input_time from its default of -1 and max_execution_time from its default of 300 seconds to 30 seconds.

Memory settings

  1. In the memory_limit list box, change the default memory limit from 768M to a lower memory limit. This limits the memory that any running script can use.

PHP exposure

  1. To change the default PHP version exposure, clear the expose_php check box.

Error Handling

  1. Error messages often contain information about the server and application. This is helpful for debugging, but it is also helpful to hackers. We recommend not displaying any errors to end users in production code, and instead logging them for further troubleshooting. To harden the error handling settings, do the following:
    • Clear the display_errors check box.
    • Set a path for the error_log setting and select the log_errors check box.
    • (Optional) Change the error_reporting level.

File Uploads

  1. If your application does not use file uploads, clear the file_uploads check box. Otherwise, to allow file uploads, select the file_uploads check box.
  2. To set the maximum upload file size, in the upload_max_filesize list box, select the maximum allowed size.
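
One way to confirm that the settings above took effect, as an added example that is not part of the original article: a PHP script (PHP 5.4 or later is assumed) that reads each directive with ini_get() and lists the ones that still differ from the recommendations. The function names, the 1 to 30 second range and the below-768M memory threshold are assumptions of this example.

```php
<?php
// Added example, not from the original article. Load it through the web server
// (command-line PHP defaults max_execution_time to 0) and delete it afterwards.

// Boolean directives may come back as "", "0", "Off", "no" and so on.
function is_off($v) {
    return in_array(strtolower(trim($v)), ['', '0', 'off', 'no', 'false', 'none'], true);
}

// Expand shorthand sizes such as "768M" to bytes; -1 (no limit) stays -1.
function to_bytes($v) {
    $n = (int) $v;
    switch (strtolower(substr(trim($v), -1))) {
        case 'g': $n *= 1024; // fall through
        case 'm': $n *= 1024; // fall through
        case 'k': $n *= 1024;
    }
    return $n;
}

// Returns [directive => current value] for each setting that misses the
// article's recommendation. $get is injectable so the logic can be tested.
function audit($usesUploads = false, $get = 'ini_get') {
    $v = function ($name) use ($get) { return (string) $get($name); };
    $secs = function ($s) { return (int) $s >= 1 && (int) $s <= 30; }; // assumption: 1..30 s passes
    $mem = to_bytes($v('memory_limit'));
    $pass = [
        'allow_url_fopen'    => is_off($v('allow_url_fopen')),
        'allow_url_include'  => is_off($v('allow_url_include')),
        'max_execution_time' => $secs($v('max_execution_time')),
        'max_input_time'     => $secs($v('max_input_time')),
        'memory_limit'       => $mem > 0 && $mem < 768 * 1024 * 1024, // assumption: below the 768M default
        'expose_php'         => is_off($v('expose_php')),
        'display_errors'     => is_off($v('display_errors')), // "stdout"/"stderr" count as on
        'log_errors'         => !is_off($v('log_errors')),
        'error_log'          => trim($v('error_log')) !== '',
        'file_uploads'       => $usesUploads || is_off($v('file_uploads')),
    ];
    $failed = [];
    foreach ($pass as $name => $ok) {
        if (!$ok) { $failed[$name] = $v($name); }
    }
    return $failed;
}

header('Content-Type: text/plain');
$failed = audit(); // pass true if the application accepts file uploads
foreach ($failed as $name => $value) { echo "REVIEW $name = '$value'\n"; }
echo $failed ? '' : "All audited directives match the recommendations.\n";
```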

© 2023 All Rights Reserved by Hostvento