Providing php access to many user require patience plus security aware.

People can damage server with some php function like system, passthru etc.

php provide php.ini file, this file needed to disable some dangerous function.

some option for disable php function are :

system, exec, shell_exec, passthru, set_time_limit, error_log, ini_alter, dl, pfsockopen, openlog, syslog, readlink, symlink, link, leak, fsockopen, popen, escapeshellcmd, apache_child_terminate apache_get_modules, apache_get_version, apache_getenv, apache_note,apache_setenv,virtual

after get this information php must know about these fucntion by editing php.ini files. This file located in C:\windows (in my win xp)

Double click to open, click edit -> find enter  "disable_function"

Before edit, the line will like this

to disable the functions just add after = sign, into this :

; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_functions = "system, exec, shell_exec, passthru, set_time_limit, error_log, ini_alter, dl, pfsockopen, openlog, syslog, readlink, symlink, link, leak, fsockopen, popen, escapeshellcmd, apache_child_terminate apache_get_modules, apache_get_version, apache_getenv, apache_note,apache_setenv,virtual"

save the file and restart web server.

open new plain file and save it as info.php

open browser and type address for the file, ex :

http://localhost/info.php

after editing php.ini

by adding this, security improve will take action. Of course trade off in client side, some function not available

user try to view php configuration using phpinfo()

• php disable function
• disable php functions
• php disable functions
• disable php function
• php disable passthru
• php function disable
• php disable functions vhost
• disable function php
• disable php passthru
• php disable a function
• disable passthru php
• disable user environment
• how to disable php functions
• passthru php activate
• how to disable user environment
• disable functions php
• call to undefined function apache_setenv()
• php passthru disable
• how remove user environment
• php functions disable
• disable pfsockopen
• enable passthru php
• php recommended disable functions
• function disable php hosting
• user environment disable
• magento php ini popen
• vhost php disable functions
• disable function in php
• disable function virtualhost php
• php disable funktion
• php disable functions per virtualhost
• php enable passthru drupal
• php disable functions passthru
• php enable passthru()
• php disable functions for a user
• php error_log to syslog vhost
• php exec passthru disable
• php fatal error: call to undefined function apache_setenv()
• php func disable
• php disable functions at runtime
• php function disable for one site only
• php function disabled
• php disable function in userdir
• php disabled function
• php disallow mail vhost
• php disable mail function
• php disabled functions c99_
• php disabled functions system symlink exec
• php disabled functions vhost
• php disable windows user