When or for what Reasons should folks turn PHP Safemode ON/OFF?

2.7k views Asked by At

Question about PHP safe-mode:
By default it is switched on in PLESK shared-hosting account environment: While on my site seems to work fine, but maybe it will work faster/better when off? I dont understand the below text very well, especially PHP's explanation:

PLESK:

By default, PHP is configured to operate in safe mode with functional restrictions. Some web applications may not work properly with safe mode enabled: If an application on a site fails due to safe mode, switch the safe mode off

PHP.net:

This feature has been DEPRECATED as of PHP 5.3.0. Relying on this feature is highly discouraged. The PHP safe mode is an attempt to solve the shared-server security problem. It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web server and OS levels aren't very realistic, many people, especially ISP's, use safe mode for now.

Question1: When/for what reasons should folks turn Safemode ON?
Question2: When/for what reasons should folks keep Safemode OFF?

2

There are 2 answers

0
ircmaxell On BEST ANSWER

Turn it off. Always leave it off.

It was designed way back when as a way to make PHP safe to use on mass hosts, and let the hosts "lock down" PHP.

But over time, it was realized that this didn't really work, and didn't really solve the problem anyway. There are better system-level ways of securing servers. So PHP is removing the functionality in the next major version and has it deprecated.

So to directly answer your questions:

When should folks turn it on:

Never. It doesn't really work, and it limits what you can do with PHP in a sane way, so just don't turn it on.

When should folks keep it off:

Always. It doesn't really work, so there's no point to turning it on...

That's my $0.02 anyway...

Edit: Some references

Everything you can do to a server, you can do with Safe Mode on, including: It's possible to write to the webserver anyway. So what's the point?

A mailing list thread from PHP about removing it in 6

Edit2: About speed:

The speed difference is likely to be trivial at best. It's no more than a micro-optimization. You're going to get a far bigger gain by writing your code well than worrying about a specific configuration option such as this. Don't worry about the speed difference at all. Build your application properly, and worry about speed later. Not to mention that the choice of front end web server (Apache, IIS, Lighttpd, NginX, etc) and SAPI (mod_php, CGI, FastCGI, etc) will make a far bigger difference than safe_mode ever can...

2
mario On

Safe mode adds some limits to filesystem-related functions and process handling features (and some totally unrelated cURL options). It's nowadays considered pointless, as it can be circumvented on shared hosting servers by resorting to Perl or Python or bash-CGIs. Professional hosters use suexec and mod_chroot rather.

It can be beneficial if you want to run outdated scripts however (wether that's a good idea is open for discussion). While it doesn't solve all problems, the limitations can help to mitigate risks. It's thus a best effort solution like mod_security.

As far as speed is concerned; it's measureable but not significant.