perl or lock user at homedir

2025-04-16

Hello,

One of my customers is offering hosting as subdomains for his customers.

This customer has a normal cPanel account with me. Although he is affraid about security because their users can list his public_html or other users dirs with a script like:

function gera($nova_pasta){
$pasta = dir($nova_pasta);
while (false !== ($this = $pasta->read())){
$path = $nova_pasta.'/'.$this;
if ($this != '.' AND $this != '..' AND is_dir($path)){
echo '' .$nova_pasta.''.$this .'
';
gera($path);
}
}
$pasta->close();
clearstatcache();
}
gera('../../');

He would like to lock users so they cant list public_html and other users dir with a script like the above or disable php/cgi/perl for specific users.
I have tried the php_flag engine off but I am using suexec + phpsuexec and that wont work with the error:

Invalid command 'php_flag', perhaps mis-spelled or defined by a module not included in the server configuration

Do I have any other solution for this ?