How to disable PHP functions using PHP disable_functions
How to disable PHP functions using PHP disable_functions
Most of the web hosting companies disable dangerous PHP functions for security reasons. You will see the below warning if any PHP function is disabled server-wide.
PHP function disabled
Follow the below steps to disable functions using PHP disable_functions.
1. You must log into your Linux server as ‘root’ user or as any user with sudo privileges
2. Run the command ‘php --ini’ to find the path of loaded PHP configuration file
Configuration File (php.ini) Path: /etc
Loaded Configuration File: /etc/php.ini
Scan for additional .ini files in: /etc/php.d
Additional .ini files parsed: /etc/php.d/20-bz2.ini,
3. Open PHP configuration using vi editor and scroll down to ‘disable_functions’ line
PHP disable_functions
4. Add the PHP function to disable in disable_functions line. Example: disable_functions = ini_set
How to Disable PHP functions using disable_functions
5. Use comma-delimited list of function names to disable multiple PHP functions. Example: disable_functions = ini_set, exec, system
6. Save the php.ini file and exit
7. You must restart the Web server for changes to take effect
[root@server /]# systemctl status httpd
8. Create a phpinfo file to verify functions are disabled
phpinfo disable_functions
How to Enable the Disabled PHP functions
1. Log into Linux server via SSH as ‘root’ user
2. Run the command ‘php --ini’ to find the location of php.ini
3. Open php.ini using vi editor
4. Remove all PHP functions in disable_functions line
How to reenable PHP disable_functions
5. Save the php.ini file and exit
6. Restart the web server
7. Create a phpinfo page to verify functions are removed.
phpinfo renabled disable_functions