How to disable dangerous PHP Functions?

steitieh

steitieh

Well-known member
Joined
Apr 23, 2014
Messages
113
Points
18
I read that we should disable dangerous PHP functions like exec, passthru, shell_exec, system..etc to stop hackers from running them on our hosting.
How to do this in any hosting control panels or on a Linux hosting?
 
UnderHost

UnderHost

Member
Registered
Joined
Sep 5, 2016
Messages
42
Points
8
Open a terminal or login to your server over via SSH. Open php.ini file:

If you're not sure where your PHP files is located use;

Code: 
php -i | grep php.ini
Then edit the files;

Code: 
vi /etc/php.ini
Find disable_functions and set new list as follows:

Code: 
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
I also recommend to disable allow_url_include and allow_url_fopen for security reasons:

Code: 
allow_url_fopen=Off
allow_url_include=Off
Save and close the file. Restart the httpd server by tying the following command:

Code: 
service httpd restart
 
You must log in or register to reply here.
Older Threads
Dr. McKay
How to remove CSF firewall from a VPS?
Replies
13
Views
6,757
HostingWaves
Dr. McKay
Fastest ways to move a website from a cPanel to cPanel?
Replies
3
Views
3,447
StackArcVPS
Dr. McKay
How to delete temporary and unused files from a VPS server?
Replies
4
Views
6,765
HostXNow
Dr. McKay
How to backup cPanel emails and moving to a new cPanel
Replies
6
Views
3,159
LJSHost
H
BlackFriday -90% off from HyperHost get the biggest discount as possible on reselling hosting
Replies
2
Views
1,993
HyperHost
Newer Threads
UnderHost
[NL] UnderHost - Offshore Hosting - Daily Backup - CloudLinux - 50% BLACK FRIDAY
Replies
0
Views
2,478
UnderHost
Mihai B.
How do I get PHP Errors to display?
Replies
2
Views
2,172
Luxin Host
Philippe Gaucher
Free Blog vs. Self Hosted Blog?
Replies
8
Views
3,983
bewmurof
postcd
From time to time i see error: FATAL: Module ip_tables not found.
Replies
1
Views
2,451
LJSHost
FerdieQO
How can you increase the speed of a shared hosting server?
2
Replies
20
Views
8,158
manoaratefy
Latest Threads
josephilip
Welcome to ServerMO: Excellence in Dedicated Server Hosting
Replies
0
Views
14
josephilip
cancan
Save an incredible 90% off! The Best HostPapa Deal so Far: Unlimited SSL, 50 GB NVMe, 24/7 support
Replies
0
Views
31
cancan
M
How to Choose the Best Web Hosting Provider for a New Website ??
Replies
1
Views
33
BlueLeaf
J
Jtti: What are some common misconceptions about firewall rules?
Replies
0
Views
129
jtti
Mvv758
Hello
Replies
1
Views
79
AlbaHost
Recommended Threads
rainmaker11
Increase or decrease google indexed pages, affect to SEO and traffic?
Replies
4
Views
4,097
PTTed
HostingORA
Monetizing your hosting site?
Replies
8
Views
4,823
VictorVictories
J
Backlink is still very important for rankings
Replies
9
Views
3,546
Archana
fwh
How to Fix error "Can't open file:...(errno: 24)" in MySQL
Replies
0
Views
2,138
fwh
Marc0
Tag friends on Facebook posts, is it good or bad?
Replies
5
Views
2,475
ev3v4hn
Similar Threads
Paul Wellner Bou
Does Plesk onyx disable email send out when license is expired?
Replies
2
Views
1,323
fastvps
Kaan Helmut
Why error log in PHP is disabled as default?
Replies
8
Views
2,153
Maxoq
MooseLucifer
Disable lazy loading of WordPress default images
Replies
0
Views
1,489
MooseLucifer
Chris Worner
Disable a Linux server from SSH?
Replies
8
Views
2,867
ITivan80
justsmallsteps
Dangerous PHP Functions Must be Disabled?
Replies
16
Views
6,680
hostguy

Latest postsNew threads

Latest Hosting OffersNew Reviews

Popular Contributors - Past 30 Days

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
  • cpanel
  • dedicated
  • free
  • hello
  • hosting
  • hosting services
  • marketing
  • offers
  • seo
  • server
  • services
  • vps
  • web
  • web hosting
  • website
  • wordpress
    • Top