How to disable/enable allow_url_include and allow_url_fopen function using custom php.ini

disable/enable allow_url_fopen and allow_url_include via using php.ini file

  1. Jaishree
    allow_url_fopen:

    For security purpose this function is set to off by default because this function allows you to access remote files that are opened. If you want to enable this function you need to modify in custom php.ini file. This function is disabled in some shared hosting server in configuration file of PHP for security. With the help of creating the custom php.ini file below public folder you can set both functions.

    allow_url_include:

    This function is also set to be off for security. This function is allows you to access remote file by require or include statements. Require or include statements are the main points of attacks for code injunction. This function is disabled in some shared hosting server in configuration file of PHP for security.

    Steps to enable allow_url _fopen and allow_url_include function:

    If you want to enable the allow_url_include and allow_url_fopen function then modify the configuration php file. For enabling this functions follow below steps:

    Step 1: first you should open or create a php.ini file below public folder.

    Step 2: then adding the two lines in php.ini file for enable functions.

    allow_url_fopen = on

    allow_url_include = on

    Steps to disable allow_url_fopen and allow_url_include functions:

    We suggest you to disable this function if you want to secure server. For disable this function you just need to modify in configuration file of php.

    Steps 1: you should open or create php.ini file below public folder.

    Steps 2: then disable both functions by simply adding two lines in file.

    allow_url_fopen = off

    allow_url_include = off