Some PHP functions could be a security risk if allowed in a system. These functions include exec(), which could be used to execute shell commands in a system if exploited.
You can disable PHP functions as a way to harden your PHP environment or if you're running a shared hosting where some functions could be a security problem.
Steps to enable and disable PHP functions:
- Open PHP configuration file using your preferred text editor.
$ sudo vi /etc/php/7.2/apache2/php.ini
Related: PHP configuration files
- Search for disable_functions directive.
; This directive allows you to disable certain functions for security reasons. ; It receives a comma-delimited list of function names. ; http://php.net/disable-functions disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
- Add functions to disable, separated by comma(,) or remove existing functions to enable.
; This directive allows you to disable certain functions for security reasons. ; It receives a comma-delimited list of function names. ; http://php.net/disable-functions disable_functions = date,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
- Restart web server for the change to take effect.
$ sudo systemctl restart apache2
- Check if function successfully disabled.
![](https://www.simplified.guide/_media/page/author/shakir/mohd-shakir-zakaria.jpg?w=200&tok=d15487)
Author: Mohd
Shakir Zakaria
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
![](data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAABOElEQVRIia2VYXHDMAyFPwiBEAiBYAYLg5lBC8EQyqBmsDFoGKQMFgYNg+1H5jtFtmMn6bvzj9jWe7IUSVBGD9yBh1p34KPCPosr8AJ+C+sFXPYQd8BYQazX+G9bJK/xeus1WRFJ7oAGsMAkCCbgKb5ncbcXIm1KQBoasd9kvGoTRDJcK1jWT+1THhTQKg4rD+c3CUien3BgFPlwgDzAKS4DcGPjaTvRKa4bLB5HqicQReOdAk2NwPWEgKkReJwQ0PkcALzaPBqmhrjNeIiLLJT7HpFcg7RBWcbfsQ7XhXyr+GSZC7nm14TLXnjeERdMKvH6n9fLa29CmYckO5YkfUtPFKYM+Uyio1pxoXZCDRkBmzPw4tIIfLH926YEfMkrlzCqFaguUsN6AJUEnhxsMT1LknNwFGbHH5UF4DVNwliLAAAAAElFTkSuQmCC)
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Discuss the article:
Comment anonymously. Login not required.