By default, a new installation of DirectAdmin will be configured with the so called “PHP safe mode” enabled. This is a default security feature which disables the use of certain commands such as “proc_open”. This results in the following error messages:
PHP Warning: proc_open() has been disabled for security reasons in ... on line .... PHP Warning: proc_get_status() expects parameter 1 to be resource, null given in ... on line .... PHP Warning: proc_close() has been disabled for security reasons in ... on line ....
In order to enable the proc_open command you need to disable the PHP safe mode.
1. Disable PHP safemode
In order to disable PHP safemode, log in with SSH to your DirectAdmin server with the “root” user, and edit the following file:
This file should look like this:
#PHP Settings php1_release=7.4 php1_mode=php-fpm php2_release=no php2_mode=php-fpm php3_release=no php3_mode=php-fpm php4_release=no php4_mode=php-fpm secure_php=yes php_ini=no php_timezone=America/New_York php_ini_type=production x_mail_header=yes
In this file, search for following line:
Change the value of this line from “yes” to “no”:
Proceed to save the file (in nano with ctrl + x followed by “y” + <enter>).
2. Rebuild PHP
After changing the configuration, you need to rebuild the PHP with the following command. Note that this process can take a few minutes.
cd /usr/local/directadmin/custombuild/ ./build secure_php
If everything goes OK, you should be presented with the following statement:
2021/11/17 14:17:34 info starting queues dataskq: command: action=rewrite&value=httpd PHP 7.4.25 Installed.
3. Change PHP.ini config
The last step is to change the default PHP.ini config file, which contains a list of the disabled functions. Open the following file
And search for the line:
; This directive allows you to disable certain functions. ; It receives a comma-delimited list of function names. ; http://php.net/disable-functions disable_functions = exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
You can either remove the
proc_open parts to enable just those commands, or you can remove the whole line to enable all these functions.
4. Restart httpd
Afterwards simply restart the Apache / PHP services to enable the changes.
service php-fpm74 restart service httpd restart
Now the proc_open command should work!