We're using DirectAdmin for our hosting services. Personally I think it's much more secure than cPanel even cPanel is generally preferred by the users since its interface. We support our customers to buy domain names even they're not having web hosting plan with us. To make it possible such a domain name customers to manage their domain's DNS settings through DirectAdmin we're creating a small web hosting package for them. This package is intended to be used by the user for DNS management and hosting small, static web pages, with no database or PHP support. Now the problem is that even the users associated with this hosting package are having PHP support turned off, they're still able to execute PHP scripts. Any idea what's the problem?