shell_exec has been disabled for security reasons
shell_exec function in PHP is used to execute command via shell. Some of the Webhosting providers disable shell_exec while doing PHP hardening. Follow the below steps to enable PHP shell_exec() function.
1. Log into your Linux server
You must log into your Linux server as root user.
2. Find the path of php.ini
The command “php --ini” will show the exact location of the loaded PHP configuration file.
On my server, php.ini file is in etc directory – /etc/php.ini.
3. Check whether shell_exec is added in PHP disable_functions
Run the below command to check whether PHP shell_exec function is added in PHP disable_functions.
Command :
grep disable_functions /etc/php.ini
disable_functions = shell_exec
In the above command output, you can see that shell_exec is added in PHP disable_functions.
3. Remove shell_exec from disable_functions
Open your PHP configuration file php.ini using vim or nano.
vi /etc/php.ini
scroll down to the line ‘disable_functions’ and remove ‘shell_exec’ from there.
Save the PHP configuration file and exit the editor.
NOTE : shell_exec function is disabled as a part of PHP hardening.
4. Restart the web browser
You must restart the web browser after making changes in the PHP configuration file.
Command :
service httpd restart
You will see the same PHP warning, if your website is using a different PHP configuration file.
Do the below steps if you are still getting the same warning.
1. Create a phpinfo file in your website document root to find the loaded configuration file.
2. Try accessing phpinfo.php in your Web browser : http://domain.com/phpinfo.php
Check the PHP loaded configuration file in phpinfo.php page.
3. Open that PHP configuration file and remove shell_exec from PHP disable_functions
4. Save the file and exit
5. Restart web server
Don’t forget to delete the phpinfo.php file.