Table of Contents
PHP language offers thousands of built-in functions. A PHP function is a piece of code written in PHP language that is used to collect one or more input parameters and perform some calculations and processing, and return a value.
PHP functions make developers' life easier as it simplifies the code by making it more understandable and reusable.
In this article, we will talk about the PHP functions that are disabled by default, why they are disabled, and how you can enable these disabled PHP functions.
Important
We don't recommend enabling all the disabled PHP functions, which can make your application vulnerable and prone to attacks. We highly recommend consulting with your web developer before proceeding with such changes.
Why are PHP Functions Disabled?
PHP native functions are enabled on your Cloudways server except for a few functions. Those few PHP functions are disabled by default for security reasons, as they can be used for malicious activities.
However, you can govern these PHP function changes and choose which functions you want to enable and disable as per your requirements.
Which PHP Functions are Disabled?
Here's a list of the below-mentioned PHP functions that are disabled by default:
getmyuid
passthru
leak
listen
diskfreespace
tmpfile
link
dl
system
highlight_file
source
show_source
fpassthru
virtual
posix_ctermid
posix_getcwd
posix_getegid
posix_geteuid
posix_getgid
posix_getgrgid
posix_getgrnam
posix_getgroups
posix_getlogin
posix_getpgid
posix_getpgrp
posix_getpid
posix,_getppid
posix_getpwuid
posix_getrlimit
posix_getsid
posix_getuid
posix_isatty
posix_kill
posix_mkfifo
posix_setegid
posix_seteuid
posix_setgid
posix_setpgid
posix_setsid
posix_setuid
posix_times
posix_ttyname
posix_uname
proc_open
proc_close
proc_nice
proc_terminate
putenv
escapeshellcmd
ini_alter
popen
pcntl_exec
socket_accept
socket_bind
socket_clear_error
socket_close
socket_connect
symlink
posix_geteuid
ini_alter
socket_listen
socket_create_listen
socket_read
socket_create_pair
stream_socket_server
shell_exec
exec
How to Enable PHP Functions
You may need to enable these disabled PHP functions for specific workflows. For example, a developer needs to enable a PHP function to send a shell command via code, so they need to remove shell_exec from the disabled functions list in the Cloudways Platform.
Things to Consider Before Enabling PHP Functions
Suppose you are encountering any PHP errors or warnings. In that case, we recommend that you first try to debug the PHP errors and warnings accurately to understand if enabling the PHP function will solve the issue or not.
To debug such errors and warnings, we recommend the following measures:
Review your application's PHP logs to diagnose the cause.
If you still can't diagnose the issue correctly, consult your web developer, as there may be a possibility that some errors exist in your code.
Here's an example of a PHP error code when an application is using a PHP function which is disabled.
AH01071: Got error 'PHP message: PHP Warning: symlink() has been disabled for security reasons in /home/hostname/application_name/public_html/symlink.php on line 4PHP message: PHP Warning: readlink(): No such file or directory in /home/430163.cloudwaysapps.com/pbsfbmbjdx/public_html/symlink.php on line 6'
Once ready, you can follow these steps to enable the disabled PHP functions in the Cloudways Platform.
Step #1 — Navigate to Application Settings
Log in to your Cloudways Platform using your credentials.
From the top menu bar, open Servers.
Next, choose the server where your desired application is deployed.
Classic Interface
New Interface
Click www (if you are using Classic Interface) or the globe icon (if you are using New Interface).
Next, choose your application.
Classic Interface
New Interface
Under Application Management, select Application Settings.
Navigate to PHP FPM Settings.
Classic Interface
New Interface
Step #2 — Enable PHP Functions
Here, scroll down the list of PHP directives, and you will notice all the PHP functions which are disabled.
getmyuid,passthru,leak,listen,diskfreespace,tmpfile,link,dl,system,highlight_file,source,show_source,fpassthru,virtual,posix_ctermid,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix,_getppid,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_times,posix_ttyname,posix_uname,proc_open,proc_close,proc_nice,proc_terminate,escapeshellcmd,ini_alter,popen,pcntl_exec,socket_accept,socket_bind,socket_clear_error,socket_close,socket_connect,symlink,posix_geteuid,ini_alter,socket_listen,socket_create_listen,socket_read,socket_create_pair,stream_socket_server,shell_exec,exec
To enable any PHP function, remove them from the list and click Save Changes.
Classic Interface
New Interface
Configuration for Magento 2 Applications
Certain PHP functions, such as exec, symlink, and putenv, are enabled by default when launching a Magento 2 application. These functions only affect the specific Magento application for which they are enabled and do not impact other non-Magento applications on the same server.
Why Are These Functions Enabled for Magento 2?
Magento's core functionalities rely on these functions to manage various settings. For example, putenv is used to set and manage configuration variables dynamically, which is essential for its operations. Similarly, exec is utilized for various tasks like setting the store mode to production or development through the Magento CLI.
Does Enabling These Functions Put My Magento Application at Risk?
While these PHP functions are not inherently dangerous, disabling them can help mitigate potential exploits if your application is compromised. If an attacker gains access to your application, having these functions enabled could allow them to cause more damage.
How to Mitigate Risks For Magento 2
To minimize the risks associated with your Magento 2 application, consider the following precautions:
Keep Magento Up to Date: Regularly update the core and modules to ensure you have the latest security updates and patches.
Activate Malware Protection Add-on: Enabling Malware Protection helps detect and prevent malicious activities on your server. This add-on scans your files in real-time for any threats and provides automated cleanup.
By following these guidelines, you can safely enable these functions for your Magento application while maintaining the overall security of your server.
That’s it! We hope this article was helpful. If you need any help, then feel free to search your query on Cloudways Support Center or contact us via chat (Need a Hand > Send us a Message). Alternatively, you can also create a support ticket.