PHP allows specific functions to be disabled to avoid misuse and for security reasons. It is used to harden a PHP deployment, especially in a shared hosting environment.
exec() is one of the functions that are usually disabled. PHP will throw a warning when a disabled function is called.
[Thu Jun 04 23:31:51.806024 2020] [php7:warn] [pid 18054] [client 192.168.111.1:54421] PHP Warning: date() has been disabled for security reasons in /var/www/html/index.php on line 3
You can list disabled PHP functions by using ini_get() in your PHP script or looking for disable_functions in your PHP configuration file.
Related: How to disable functions in PHP
Steps to list disabled PHP functions:
- Show disabled functions using ini_get.
<?php echo ini_get('disable_functions'); #sample output: date,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, ?>
- List disabled PHP functions from configuration file.
$ grep disable_functions /etc/php/7.4/apache2/php.ini disable_functions = date,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Related: PHP configuration files
Author: Mohd
Shakir Zakaria
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Discuss the article:
Comment anonymously. Login not required.