1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
class php::series5::hardened {
$fpm = $::php::fpm
$disable_functions = 'phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, system_exec'
#$disable_functions = 'disable_functions = phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec',
if $fpm == 'present' {
php::config {
'allow_url_fopen_5_fpm' : param => 'allow_url_fopen', sapi => 'fpm', value => 'Off';
'allow_url_include_5_fpm' : param => 'allow_url_include', sapi => 'fpm', value => 'Off';
'disable_functions_5_fpm' : param => 'disable_functions', sapi => 'fpm', value => $disable_functions;
}
}
php::config {
'allow_url_fopen' : value => 'Off';
'allow_url_include' : value => 'Off';
'disable_functions' : value => $disable_functions;
}
}
|
