{
	"id": "2384614d-0a9d-49db-8017-008e67446c4c",
	"created_at": "2026-04-06T01:32:40.42908Z",
	"updated_at": "2026-04-10T03:20:52.314202Z",
	"deleted_at": null,
	"sha1_hash": "223801511186550cae38f6596a1af12f7c70d4fe",
	"title": "PHP hardening checklist: disable dangerous functions",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 43726,
	"plain_text": "PHP hardening checklist: disable dangerous functions\r\nPublished: 2025-11-09 · Archived: 2026-04-06 00:48:21 UTC\r\nA powerful language like PHP can give life and great functionality to your site, but it can also destroy it. With this\r\nguide, we’ll help you disable some of the most dangerous PHP functions out there. It will prevent most PHP shells\r\nfrom doing what they do best as well as protect you from poorly coded applications.\r\nWe do this for our clients as part of our Server hardening package.\r\nUpdating PHP’s configuration file\r\nFind the location of your php.ini file:\r\nshell\r\nphp -i | grep php.ini\r\nOpen that file, look for the disable_functions directive, and replace it with the following line:\r\nphp\r\ndisable_functions = exec,system,passthru,readfile,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open\r\nNow save the changes and restart Apache:\r\nshell\r\n/etc/init.d/httpd restart\r\nIf you want to make sure that it’s working, you can check with a phpinfo() file or with:\r\nshell\r\nphp -i | grep disable_functions\r\nPHP Functions and Description\r\nexec: Execute an external program\r\nsystem: Execute an external program and display the output\r\npassthru: Execute an external program and display raw output\r\nreadfile: Outputs a file\r\nshell_exec: Execute command via shell and return the complete output as a string\r\nescapeshellarg: Escape a string to be used as a shell argument\r\nescapeshellcmd: Escape shell metacharacters\r\nproc_open: Execute a command and open file pointers for input/output\r\nproc_close: Close a process opened by proc_open() and return the exit code of that process\r\nini_alter: Alias of ini_set()\r\ndl: Loads a PHP extension at runtime\r\npopen: Opens process file pointer\r\nparse_ini_file: Parse a configuration file\r\nshow_source: Alias of highlight_file()\r\ncurl_exec: Perform a cURL session\r\nSource: https://itsyndicate.org/blog/disabling-dangerous-php-functions/",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://itsyndicate.org/blog/disabling-dangerous-php-functions/"
	],
	"report_names": [
		"disabling-dangerous-php-functions"
	],
	"threat_actors": [],
	"ts_created_at": 1775439160,
	"ts_updated_at": 1775791252,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/223801511186550cae38f6596a1af12f7c70d4fe.pdf",
		"text": "https://archive.orkl.eu/223801511186550cae38f6596a1af12f7c70d4fe.txt",
		"img": "https://archive.orkl.eu/223801511186550cae38f6596a1af12f7c70d4fe.jpg"
	}
}