How to disable PHP functions using PHP disable_functions

How to disable PHP functions using PHP disable_functions

 

Most of the web hosting companies disable dangerous PHP functions for security reasons. You will see the below warning if any PHP function is disabled server-wide.
 

PHP function disabled

PHP function disabled


 

Follow the below steps to disable functions using PHP disable_functions.

1. You must log into your Linux server as ‘root’ user or as any user with sudo privileges

2. Run the command ‘php --ini’ to find the path of loaded PHP configuration file
 

# php --ini

Configuration File (php.ini) Path: /etc
Loaded Configuration File: /etc/php.ini
Scan for additional .ini files in: /etc/php.d
Additional .ini files parsed: /etc/php.d/20-bz2.ini,

 
3. Open PHP configuration using vi editor and scroll down to ‘disable_functions’ line
 

[root@server /]# vi /etc/php.ini

 

PHP disable_functions

PHP disable_functions


 
4. Add the PHP function to disable in disable_functions line. Example: disable_functions = ini_set
 
How to Disable PHP functions using disable_functions

How to Disable PHP functions using disable_functions


 
5. Use comma-delimited list of function names to disable multiple PHP functions. Example: disable_functions = ini_set, exec, system

6. Save the php.ini file and exit

7. You must restart the Web server for changes to take effect
 

[root@server /]# systemctl restart httpd
[root@server /]# systemctl status httpd

 
8. Create a phpinfo file to verify functions are disabled
 

phpinfo disable_functions

phpinfo disable_functions


 
 

How to Enable the Disabled PHP functions

1. Log into Linux server via SSH as ‘root’ user

2. Run the command ‘php --ini’ to find the location of php.ini

3. Open php.ini using vi editor
 

[root@server /]# vi /etc/php.ini

 
4. Remove all PHP functions in disable_functions line
 

How to reenable PHP disable_functions

How to reenable PHP disable_functions


 
5. Save the php.ini file and exit

6. Restart the web server
 

[root@server /]# systemctl restart httpd

 
7. Create a phpinfo page to verify functions are removed.
 

phpinfo renabled disable_functions

phpinfo renabled disable_functions