Helix
If you want to prevent users from editing php.ini, you can disable it in the package settings:
Edit Package > Features > Allow php.ini editor
Just be ready for more support tickets from users complaining about the missing feature if you disable it.
Containerization is great, and in 2025, it’s a must-have. It helps prevent one infected site from affecting other sites or compromising the entire server. But it won’t protect the compromised site itself, once a site is vulnerable, containerization doesn’t stop the damage within that container. That’s why it’s still your responsibility as a hosting provider to secure each site individually. Setting disabled functions globally as a default is a smart move, it adds a strong extra layer to your overall security.