How to disable dangerous php functions

publisher — Wed, 06 May 2020 10:56:21 +0000

These functions can be potentially dangerous in some scenarios for the security of your scripts and server you can always disable them.
Run the below command for the PHP versions you need to disable those functions.

PHP switcher :

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /usr/local/php/php.d/disabled_function.ini

PHP-CGI selector :

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php53/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php54/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php55/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php56/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php70/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php71/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php72/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php73/usr/php/php.d/disabled_function.ini

PHP_FPM Selector :
** Don't forget to restart php-fpm after changes

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm53/usr/php/php.d/disabled_function.ini && service php-fpm53 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm54/usr/php/php.d/disabled_function.ini && service php-fpm54 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm55/usr/php/php.d/disabled_function.ini && service php-fpm55 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm56/usr/php/php.d/disabled_function.ini && service php-fpm56 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm70/usr/php/php.d/disabled_function.ini && service php-fpm70 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm71/usr/php/php.d/disabled_function.ini && service php-fpm71 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm72/usr/php/php.d/disabled_function.ini && service php-fpm72 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm73/usr/php/php.d/disabled_function.ini && service php-fpm73 restart

To enable it back, simply delete disabled_function.ini file for the PHP version you want and restart apache/php-fpm.

Control WebPanel Wiki » disable dangerous php functions

How to disable dangerous php functions