Knowledgebase: Technical Issues > Scripts
PHP security settings tightening
Posted by Yuri, Last modified by Ashley L on 21 November 2019 04:16 PM

Recently, we've tightened up PHP security settings. This article discusses them in details and applies only to PHP scripts.

Specifically, we now disallow the following PHP functions:

dl,shell_exec,exec,system,passthru,popen,proc_open,proc_nice,proc_get_status,proc_close,proc_terminate,posix_mkfifo,set_time_limit,ini_restore,show_source,highlight_file.

In case your scripts need to execute some or all of them or you are getting such kind of errors: you are permitted to override the restrictions and specify list of disallowed functions manually, or disable the restriction at all.

Warning: exec() has been disabled for security reasons in /home/username/public_html/script.php on line 5

Here is how you do it:
* Go to domain's document root directory. This is usually the place you've uploaded your files to. In our case, it's /home/username/public_html.
* Find the file named php.ini. Open it up for editing.
* Look for disabled_functions line. Edit it as needed (recommended) or comment the whole line out (only as last resort), placing comment sign ";" before it.
* Save the file and test your PHP script.

(287 vote(s))
Helpful
Not helpful

Comments (0)