I am using hosting on VPS and they've not allowed me to use php's ini_set function to set configuration at runtime, on a script by script basis. Instead I must change the settings directly in the php.ini file which is a mission to access via SSH.
Why is this?
This, although fine, is slightly annoying as I have 12 domains on the shared server and I do not neccessarily want to set the settings across the board....
VPS providers have a tendency to force their users to use the most secure environment possible. Disabling
ini_set()
typically is good security practice, since you could easily have aneval()
statement in your PHP code that uses a GET/POST/SESSION variable as input, for example. I believeini_set()
is blocked by default ifsafe_mode
is turned on. I would imagine any shared hosting provider would enforcesafe_mode
.If it's a product aimed at resellers, it is probably to prevent your clients / customers / users from changing php.ini settings at will, which is usually a wise thing to do.
But if you have full access to the machine, shouldn't you be able to re-activate
ini_set
?Can you tell more about the server components. PHP as CGI or mod_php. Is PHP enabled with suPHP or other protection systems? Some option can be changed with an .htaccess file. Have you direct access to the httpd.conf file? There you can enable ini_set() -> http://php.net/manual/en/configuration.changes.php
Like Pekka said, if you can modify your php.ini via SSH, then try to change it there.
Turn off
safe_mode
and check for contents ofdisable_functions