المساعد الشخصي الرقمي

مشاهدة النسخة كاملة : Disable PHP mail function on cPanel server



Rise Company
06-11-2014, 01:54
There is a function available in PHP to send a mail via PHP script. The function is mail(). However, it is advisable to disable PHP mail() function on the shared hosting server to prevent spamming from the server and allow only SMTP authentication to send the emails via PHP script. You can disable PHP mail() function from WHM. You will just need to follow the below steps for that:

[1] Login to your WHM.
[2] Go to Tweak Settings.
[3] Select the option "Prevent the user "nobody" from sending out mail to remote addresses (PHP and CGI scripts generally run as nobody if you are not using PHPSuexec and Suexec respectively.)" and save it.

Rise Company
06-11-2014, 02:07
Are you using DSO on the machine for the PHP handler? If so, I would suggest switching to suPHP and then changing this to "On" in WHM > Tweak Settings:

Prevent “nobody” from sending mail


The email you've provided was sent by the user nobody, so it isn't even possible to track down any other details without a lot of effort:

1QU3hD-0004bX-KY-H
nobody 99 99
<[email protected]>
1307481619 0
-ident nobody
-received_protocol local


By preventing nobody from sending emails, you'll stop these emails. Unfortunately, if you are using DSO for the PHP handler (WHM > Apache Configuration > PHP and SuExec Configuration area shows your current PHP handler), then you cannot stop the user nobody from sending emails as PHP scripts run as nobody and any mail script will run as that nobody user.

Rise Company
06-11-2014, 02:23
Mostly hosting providers disable php mail() function to send an e-mail to stop spamming. You can create a sample php page with php mail() script to test php mail() function is enabled on your domain hosted server.

Rise Company
06-11-2014, 02:27
php security

in this time i'm prevent any php to use mail() but i need to use it in other website

can you tell me how to detect how this files uploaded to server ?

-----

Create a new php.ini in or copy the servers global php.ini file in to the home directory of an account where you want to deny this function. Then open the php.ini file and search for the directive "disable_functions" here just include the php function that you want to disable for this account.

This will deny the appropriate php function for this particular account only and this will not get reflected globally for all the other acct that was hosted on the server.

ex: disable_functions = mail

else

If there is a .htaccess file on the account then please open the file and insert the below code.

php_value disable_functions mail

That's It!

Rise Company
06-11-2014, 02:33
طريقك توقف الدالة mail فقط على اليوزر اللي يرسل سبام هى الحل النهائى