Archiving not working with PHP's disabled functions


#1

I have a DirectAdmin server and executed this command a while back:

http://forum.directadmin.com/showthread.php?t=44743

Is it possible to make PHP more secure using the CustomBuild script?
Yes, it is. You need to run “./build secure_php”. At the moment it disables some dangerous PHP functions as:
Code:
exec, system, passthru, shell_exec, escapeshellarg, escapeshellcmd, proc_close, proc_open, dl, popen, show_source

Now auto archiving is not working anymore, probably because it uses one of this functions. I can’t find which function is being used by Piwik. Does anyone know this?


(Matthieu Aubry) #2

Piwik uses at least shell_exec function - when you disabled them, did Administration > System check maybe show a warning that the functoin was missing?


#3

No, it did not show an error that this function was missing. Maybe a suggestion to include these in the System Check area to see if archiving is working correctly? :slight_smile:

For now the problem is solved, i moved my Piwik installation to a separate and dedicated VPS for Piwik where i allow those functions. On a VPS with a lot of Wordpress sites i always disable those functions. :wink:


(Matthieu Aubry) #4

Hi Eric,

Great, we’ve fixed this and will now report if shell_exec is missing: Add System check that checks that shell_exec function is enabled · Issue #8411 · matomo-org/piwik · GitHub


#5

Awesome, thanks!