Cómo deshabilitar funciones peligrosas en PHP

Funciones peligrosas en PHP

La ejecución de las siguientes funciones PHP pueden comprometer la ejecución de sus scripts o servidores.

Ejecute el siguiente comando para las versiones de PHP que necesita deshabilitar.

PHP switcher:

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /usr/local/php/php.d/disabled_function.ini

selector PHP-CGI:

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php53/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php54/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php55/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php56/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php70/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php71/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php72/usr/php/php.d/disabled_function.ini

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php73/usr/php/php.d/disabled_function.ini

Selector PHP_FPM:

Es necesarios reiniciar php-fpm para que se apliquen los cambios.

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm53/usr/php/php.d/disabled_function.ini && service php-fpm53 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm54/usr/php/php.d/disabled_function.ini && service php-fpm54 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm55/usr/php/php.d/disabled_function.ini && service php-fpm55 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm56/usr/php/php.d/disabled_function.ini && service php-fpm56 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm70/usr/php/php.d/disabled_function.ini && service php-fpm70 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm71/usr/php/php.d/disabled_function.ini && service php-fpm71 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm72/usr/php/php.d/disabled_function.ini && service php-fpm72 restart

echo "disable_functions = exec, system, popen, proc_open, shell_exec, passthru, show_source" > /opt/alt/php-fpm73/usr/php/php.d/disabled_function.ini && service php-fpm73 restart

Para volver a habilitarlo, simplemente elimine el archivo disabled_function.ini para la versión de PHP que desee y reinicie apache/php-fpm.

Nota: Deshabitar las siguientes funciones de PHP es una recomendación de autor CWP 7 Web panel.
If you have any questions, feel free to contact the Picaraza Domains Ltd support team 24/7/365.
¿Fue útil la respuesta?

Artículos Relacionados

Cómo abrir puertos en Web Panel CWP 7

Configuración de puertos en CWP 7 El panel CWP 7 podemos configurar el cortafuegos CSF/LFD...