Is it possible to make PHP more secure using the CustomBuild script?
Yes, it is. You need to run “./build secure_php”. At the moment it disables some dangerous PHP functions as:
Code:
exec, system, passthru, shell_exec, escapeshellarg, escapeshellcmd, proc_close, proc_open, dl, popen, show_source
Now auto archiving is not working anymore, probably because it uses one of this functions. I can’t find which function is being used by Piwik. Does anyone know this?
Piwik uses at least shell_exec function - when you disabled them, did Administration > System check maybe show a warning that the functoin was missing?
No, it did not show an error that this function was missing. Maybe a suggestion to include these in the System Check area to see if archiving is working correctly?
For now the problem is solved, i moved my Piwik installation to a separate and dedicated VPS for Piwik where i allow those functions. On a VPS with a lot of Wordpress sites i always disable those functions.
