How to Turn Off Remote Code Execution in php.ini

By | May 28, 2013

This is not a trick, but a must for server security.

If you would like to limit your users’ ability to execute the code, located on remote servers, you should ensure your php.ini has the following lines:

allow_url_fopen=Off
allow_url_include=Off

Of course, this will not save you from insecure code, but this is one of the first steps you need to perform after server setup.

Leave a Reply

Your email address will not be published. Required fields are marked *