We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Security
Re: Security
Ummm. That's because it's a PHP ini directive?
Google it.
Google it.
Re: Security
That depends on your setup.
If its straight out the box, I believe Vesta uses a single php.ini (I have switched to php-fpm).
Easiest way to find out. Go to your domains root folder and add this script:
phpInfo.php
Then visit it in your browser:
http://yoursite.com/phpInfo.php
In the first section it will have what config (ini) file is being used.
Add it there. You may need to restart the webserver if using standard apache2.
:-)
If its straight out the box, I believe Vesta uses a single php.ini (I have switched to php-fpm).
Easiest way to find out. Go to your domains root folder and add this script:
phpInfo.php
Code: Select all
<?php phpinfo(); ?>
http://yoursite.com/phpInfo.php
In the first section it will have what config (ini) file is being used.
Add it there. You may need to restart the webserver if using standard apache2.
Code: Select all
service apache2 restart
Re: Security
chrisf, thx, can you please point me how I can check up the result of what have I done..how can I know that these functions are disabled ?chrisf wrote: ↑Mon Oct 22, 2018 1:21 pmThat depends on your setup.
If its straight out the box, I believe Vesta uses a single php.ini (I have switched to php-fpm).
Easiest way to find out. Go to your domains root folder and add this script:
phpInfo.phpThen visit it in your browser:Code: Select all
<?php phpinfo(); ?>
http://yoursite.com/phpInfo.php
In the first section it will have what config (ini) file is being used.
Add it there. You may need to restart the webserver if using standard apache2.
:-)Code: Select all
service apache2 restart
Thx again
Re: Security
Run that same test script, scroll down to where it says disabled functions. If it is your list, it's working.
Anytime you change anything in php that phpInfo.php will let you know if it is working for that domain. :-)
It lists every function of php and it's setting.
Anytime you change anything in php that phpInfo.php will let you know if it is working for that domain. :-)
It lists every function of php and it's setting.
Re: Security
Thank you chrisf if you have aome other security tip for shared hostings, please share it here, it is a great topic and great contribution from you!
Re: Security
I respect the marketing team, because they tried so hard to build trust for the product that doesn't really fit in security.
One reason that I feel unsafe to use Vesta back in 2018 is when the big boss told everyone that, they are not gonna rewrite codes for basic security practice (changing admin username or lock it). The response was "No!" we won't fix that coz of thousand line of codes.
People think that this is a one-man-show project because of lack response. If you need the product become big, find investors, find manpowers, rewrite codes, most important is listen to users and their critique. If you think a critique is an insult then, stop. It's over.
I'm currently on premium license for directadmin and cpanel. I came here only to visit any news on security since long time ago I haven't touched it. You see, I have the feeling this product is going to be the best but only you can change my perspective.
One reason that I feel unsafe to use Vesta back in 2018 is when the big boss told everyone that, they are not gonna rewrite codes for basic security practice (changing admin username or lock it). The response was "No!" we won't fix that coz of thousand line of codes.
People think that this is a one-man-show project because of lack response. If you need the product become big, find investors, find manpowers, rewrite codes, most important is listen to users and their critique. If you think a critique is an insult then, stop. It's over.
I'm currently on premium license for directadmin and cpanel. I came here only to visit any news on security since long time ago I haven't touched it. You see, I have the feeling this product is going to be the best but only you can change my perspective.