Dangerous PHP Functions enabled. Have access to PHP.ini.

[AriCode]

Hi there,

I am presented with this.

Looking through the forums, this appears to be an issue with some hosts (Mine is BlueHost). Per a technical support thread on these forums, I followed these instructions and added this following code to my php.ini file days ago.

However, I still have the notification warning me of the dangerous php functions. Any insight?

Edited May 12 by AriCode

[Marc Stridgen]

If you are having issues whereby that is still showing up, I would advise contacting your hosting company

[opentype]

Try without the quotation marks.

[AriCode]

53 minutes ago, opentype said:

Try without the quotation marks.

I just did this. Will give it 24 hours and see. If that doesn't work, I'll contact my host. Thanks guys.

[KT Walrus]

Maybe verify what PHP settings you are really running with in the ACP?

You can run phpinfo from the Get Support page (under Tools & Diagnostics sidebar).

Scroll down to see what disable_functions is set to... Or, check out all the other settings in the phpinfo page...

[Randy Calvert]

Also if you are changing php.ini… those changes might not be picked up until Apache is restarted. 

[nodle]

One idea since they have separated cloud vs. self-hosted is why do self-hosted clients still have to deal with this, and why can't we dismiss it permanently? I mean isn't it our responsibility to secure our own server, and since we are shouldn't we be allowed to dismiss it completely? I know with shared hosting it's sometimes impossible to dismiss this message. Just a thought.

[Randy Calvert]

14 minutes ago, nodle said:

One idea since they have separated cloud vs. self-hosted is why do self-hosted clients still have to deal with this, and why can't we dismiss it permanently? I mean isn't it our responsibility to secure our own server, and since we are shouldn't we be allowed to dismiss it completely? I know with shared hosting it's sometimes impossible to dismiss this message. Just a thought.

Might want to post that in the feedback forum instead in the middle of a help topic.  🙂 

[Stuart Silvester]

1 hour ago, nodle said:

One idea since they have separated cloud vs. self-hosted is why do self-hosted clients still have to deal with this, and why can't we dismiss it permanently? I mean isn't it our responsibility to secure our own server, and since we are shouldn't we be allowed to dismiss it completely? I know with shared hosting it's sometimes impossible to dismiss this message. Just a thought.

It's not separate at all, The apps are the same regardless whether they're self hosted or not.

This warning is most certainly for classic self-hosted and not our platform too, it's telling you that the server you're using is potentially insecure. Not just from your account on the server, but potentially other accounts on the server may be able to use these functions to access your data. It's something that needs securing properly to protect your data.

[TDBF]

11 hours ago, AriCode said:

Hi there,

I am presented with this.

Looking through the forums, this appears to be an issue with some hosts (Mine is BlueHost). Per a technical support thread on these forums, I followed these instructions and added this following code to my php.ini file days ago.

However, I still have the notification warning me of the dangerous php functions. Any insight?

There shouldn't be quotes around the functions, and you will have to use SHH to restart Apache or Nginx before any changes will take place.