1 files changed, 13 insertions, 2 deletions

diff --git a/manifests/series5/hardened.pp b/manifests/series5/hardened.pp
index e512402..7026a25 100644
--- a/manifests/series5/hardened.pp
+++ b/manifests/series5/hardened.pp
@@ -1,8 +1,19 @@
 class php::series5::hardened {
+  $fpm               = $::php::fpm
+  $disable_functions = 'phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, system_exec'
+  #$disable_functions = 'disable_functions = phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec',
+
+  if $fpm == 'present' {
+    php::config {
+      'allow_url_fopen_5_fpm'   : param => 'allow_url_fopen',   sapi => 'fpm', value => 'Off';
+      'allow_url_include_5_fpm' : param => 'allow_url_include', sapi => 'fpm', value => 'Off';
+      'disable_functions_5_fpm' : param => 'disable_functions', sapi => 'fpm', value => $disable_functions;
+    }
+  }
+
   php::config {
     'allow_url_fopen'   : value => 'Off';
     'allow_url_include' : value => 'Off';
-    'disable_functions' : value => 'phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, system_exec';
-    #value => 'disable_functions = phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec',
+    'disable_functions' : value => $disable_functions;
   }
 }