In PHP, certain functions can be disabled for security reasons. Disabling functions is a common practice in shared hosting environments to prevent unauthorized operations. When a disabled function is called, PHP will issue a warning.
exec() is one of the functions that are usually disabled. PHP will throw a warning when a disabled function is called.
[Thu Jun 04 23:31:51.806024 2020] [php7:warn] [pid 18054] [client 192.168.111.1:54421] PHP Warning: date() has been disabled for security reasons in /var/www/html/index.php on line 3
The disable_functions directive in the php.ini file lists the functions that are restricted. This helps to secure the environment by limiting potentially harmful operations like exec(). Identifying which functions are disabled is essential for debugging and maintaining secure configurations.
To check disabled functions, you can use the ini_get() function or inspect the php.ini file directly. Understanding these methods is important for maintaining a secure and functional PHP setup.
Related: How to disable functions in PHP
Steps to list disabled PHP functions:
- Show disabled functions using ini_get.
<?php echo ini_get('disable_functions'); #sample output: date,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, ?>
- List disabled PHP functions from configuration file.
$ grep disable_functions /etc/php/7.4/apache2/php.ini disable_functions = date,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Related: PHP configuration files
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
Comment anonymously. Login not required.