Security Plugin - php fatal errors

I hope someone can help me. I am having some issues with the security plugin, when I click on the “Security” I get what appears to be a text dump of my php.ini. The System Check is fine apart from LOAD DATA INFILE which I don’t care about as my site traffic is low.

The error log shows the following error…

[Wed Jul 31 06:15:52 2013] [error] [client 11.222.333.44] PHP Fatal error:  Class 'PhpSecInfo_Test_Session_php.ini' not found in /home/user/public_html/analytics/plugins/SecurityInfo/PhpSecInfo/PhpSecInfo.php on line 279, referer:

I thought were due to my htaccess file but after triming that down to just

AddHandler application/x-httpd-php54 .php .php5 .php4 .php3
Options -Indexes

I still get the same error.

At the risk of providing to much info here is an extract from my php.ini. I am on a shared Apache server, using php5.4.

short_open_tag = Off
session.cache_expire = 180
session.cookie_lifetime = Off
disable_functions = "system, exec, passthru, shell_exec, show_source, popen, pclose, pcntl_exec "
session.gc_maxlifetime = 1440
enable_dl = Off
session.hash_function = Off
magic_quotes_gpc = Off
html_errors = On
session.cookie_domain = ""
session.use_only_cookies = On
open_basedir = "/home/user/"
default_socket_timeout = 60
file_uploads = On
memory_limit = 128M
session.use_cookies = On
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
ignore_repeated_source = Off
allow_url_fopen = Off
max_file_uploads = 20
register_argc_argv = Off
session.auto_start = Off
auto_globals_jit = On
session.save_path = "/home/user/tmp"
max_execution_time = 30
pgsql.allow_persistent = On
cgi.fix_pathinfo = On
serialize_precision = 17
default_charset = "UTF-8"
mysql.allow_persistent = Off
display_startup_errors = Off
track_errors = Off
zlib.output_compression = Off
allow_url_include = Off
expose_php = Off
session.gc_probability = On
session.cache_limiter = "nocache"
post_max_size = 8M
upload_tmp_dir = "/home/user/tmp"
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT"
session.bug_compat_42 = Off
max_input_time = 60

All help and advice would be greatly appreciated,


I found the problem. :slight_smile:

My cpanel php variables manager puts a php.ini in every subdirectory (the server is set up so that php.ini settings do not apply to subdirectories).

Following a similar issue in this post 301 Moved Permanently it seems that phpsecinfo.php tries to read all files in /Test. I deleted the php.ini files in plugins/SecurityInfo/PhpSecInfo/Test and all subdirectories and that fixed it.