php:disabling_dangerous_php_functions

Differences

This shows you the differences between two versions of the page.

php:disabling_dangerous_php_functions [2016/10/14 23:07] – created peterphp:disabling_dangerous_php_functions [2020/07/15 09:30] (current) – external edit 127.0.0.1
Line 4: Line 4:
  
 <code php> <code php>
-apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, mysql_pconnect, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode+apache_child_terminate,  
 +apache_setenv,  
 +define_syslog_variables,  
 +escapeshellarg,  
 +escapeshellcmd,  
 +eval,  
 +exec,  
 +fp,  
 +fput,  
 +ftp_connect,  
 +ftp_exec,  
 +ftp_get,  
 +ftp_login,  
 +ftp_nb_fput,  
 +ftp_put,  
 +ftp_raw,  
 +ftp_rawlist,  
 +highlight_file,  
 +ini_alter,  
 +ini_get_all,  
 +ini_restore,  
 +inject_code,  
 +mysql_pconnect,  
 +openlog,  
 +passthru,  
 +php_uname,  
 +phpAds_remoteInfo,  
 +phpAds_XmlRpc,  
 +phpAds_xmlrpcDecode,  
 +phpAds_xmlrpcEncode,  
 +popen,  
 +posix_getpwuid,  
 +posix_kill,  
 +posix_mkfifo,  
 +posix_setpgid,  
 +posix_setsid,  
 +posix_setuid,  
 +posix_setuid,  
 +posix_uname,  
 +proc_close,  
 +proc_get_status,  
 +proc_nice,  
 +proc_open,  
 +proc_terminate,  
 +shell_exec,  
 +syslog,  
 +system,  
 +xmlrpc_entity_decode
 </code> </code>
  
  
 +Locate your php.ini and then edit:
 +
 +<code bash>
 +php -i | grep php.ini
 +</code>
 +
 +Returns something like
 +
 +<code>
 +Configuration File (php.ini) Path => /etc/php/7.0/cli
 +Loaded Configuration File => /etc/php/7.0/cli/php.ini
 +</code>
 +
 +Now edit the file using your favourite editor :
 +
 +<code bash>
 +vi /etc/php/7.0/cli/php.ini
 +</code>
 +
 +Search for the following text within that configuration file & modify **disable_functions = ""** to
 +
 +<file php /etc/php/7.0/cli/php.ini>
 +disable_functions = "apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, mysql_pconnect, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode"
 +</file>
 +
 +
 +After modifying the PHP configuration, the Apache web server needs to be restarted.. for the above done changes to take effect.
 +
 +If you find any problems with your web-applications after disabling these above mentioned functions, it's recommended to recheck your code & find an alternative solution, rather than risking the complete server for a mere application..
 +
 +Note that the above mentioned solution is applicable for both type of servers, Linux web hosting server & for Windows web hosting servers as well.. The PHP configuration on Windows is generally found in the C:\Windows folder.. Make sure you restart IIS web server PHP config modifications on windows servers too.. 
  
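Review bot: The added steps locate and edit the CLI configuration (`php -i | grep php.ini` returns `/etc/php/7.0/cli/php.ini`), but the next paragraph restarts Apache, whose PHP normally loads its own php.ini, so the `disable_functions` line may never reach the web server. Suggest telling the reader to take the path from "Loaded Configuration File" in a `phpinfo()` page served through the web server and to edit that file, then confirm the setting there after the restart. On the list itself: `eval` is a language construct and `disable_functions` cannot disable it; the directive only covers internal functions, so names that do not appear to be PHP built-ins (`fp`, `fput`, `inject_code`, the `phpAds_*` entries) have no effect; `posix_setuid` is listed twice; and disabling `escapeshellarg` and `escapeshellcmd` removes the escaping helpers that any remaining shell-calling code depends on, so either justify those two in the text or drop them.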
php/disabling_dangerous_php_functions.1476486453.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
