How do i go about changing this so its not dangerous?

Dangerous PHP Functions Enabled

Some functions are enabled on your server which have the potential to cause serious damage to your community or server. If you are in a shared hosting environment, some of these functions may bypass the restrictions which prevent one account on the server affecting another. Their presence also increases the amount of damage that could be caused if your AdminCP is compromised.

Since Invision Community, and most other web applications do not use these functions, we recommend disabling them on your server, at least within the directory that your community is installed in. You should contact your hosting provider or system administrator and ask them to be added to the disable_functions PHP setting.

exec system passthru pcntl_exec popen proc_open shell_exec

That depend on the options you have with your hosting account.

If you are allowed to create your own php.ini (mostly when the hoster is using phpsuexec), you can set it in a php.ini in your webfolders root directory.

When using cloud hosting, mostly there is an option to view and change php settings.

There is a way do to it via .htaccess, provided the host has the setting to allow these settings in a .htaccess file, kind of like this:

php_value proc_open Off
php_value shell_exe Off
php_value exec Off

Don't use this, it's just an example, could also be php_flag or be configured in another way.

Shortly said, the best you can do is ask your hosting provider on if and how you can change these settings.

3 hours ago, Black Tiger said:

That depend on the options you have with your hosting account.

If you are allowed to create your own php.ini (mostly when the hoster is using phpsuexec), you can set it in a php.ini in your webfolders root directory.

When using cloud hosting, mostly there is an option to view and change php settings.

There is a way do to it via .htaccess, provided the host has the setting to allow these settings in a .htaccess file, kind of like this:

php_value proc_open Off
php_value shell_exe Off
php_value exec Off

Don't use this, it's just an example, could also be php_flag or be configured in another way.

Shortly said, the best you can do is ask your hosting provider on if and how you can change these settings.

 

I went and down this

 

Here is the line which I used in the php.ini file of the domain:
 

Code:

# list of function to disable globally #
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,pcntl_exec

That is the correct line in the php.ini to be used if you have access to it.

Normally after the change the apache webserver should be reloaded. But if you can access it via your hosting panel, it will be probably be done for you.

It's easy to check, because if everhything is OK, the notice should have dissapeared now in your admin panel.