Maybe I’m slow, but I just discovered “php.ini QuickConfig” in cPanel 11. It probably exists in prior versions too. It was hidden under “Software / Services”. Most of the default settings should be fine, but you might want to disable register_globals if it isn’t disabled already. This will prevent malicious visitors from setting your PHP variables themselves by attaching arguments to the URL. Just make sure you always use $_GET and $_POST where ever it’s necessary.