URL File-Access Is Disabled Error After Upgrading To PHP 5.2
Article By: petter
If you have recently upgraded to PHP 5.2.x or newer and are getting an error on your site saying URL file-access is disabled in the server configuration, you may be affected by a new PHP configuration change. As of PHP 5.2.0, a new configuration directive, allow_url_include, was introduced in an effort to enhance security in file inclusion. The introduction of this directive allows an admin to keep allow_url_fopen enabled for scripts that need it, but disable remote includes for include() and require() functions.
Tags: php, troubleshooting, upgrading centos, Disabled, Error, File Access
Note: We should take a moment to point out that enabling allow_url_fopen and allow_url_include are both strongly discouraged because of the potential for inclusion of remote URLs which can then execute arbitrary code. Furthermore, enabling protection via these two directives only prevents execution of arbitrary code from common URL handlers (e.g. http: and ftp:) and not other attack vectors. For ultimate security in this regard, consider using Suhosin as per this article on the developer's website.
With the above in mind, if you still decide that you need to have URL file-access enabled for your includes, you will need to add the new directive to your php.ini since it is not already defined and defaults to disabled (0). On a blank line in your php.ini (/usr/local/lib/php.ini on cPanel servers), add the following:
With the above in mind, if you still decide that you need to have URL file-access enabled for your includes, you will need to add the new directive to your php.ini since it is not already defined and defaults to disabled (0). On a blank line in your php.ini (/usr/local/lib/php.ini on cPanel servers), add the following:
allow_url_include = OnRestart your webserver and you're done.
Tags: php, troubleshooting, upgrading centos, Disabled, Error, File Access
Welcome to the healthcare-only HIPAA - GDPR compliant cloud. Exclusively hosted on a HPC environment!
Learn more or start today by choosing your secure HIPAA - GDPR compliant server's Operating System bellow and pick the package that's best for you.
BIPmd makes it simple to launch in the cloud and scale up as you grow – whether you’re running one virtual machine, thousand or more.
>
Looking for a custom solution?
Our technicians can provide you with the best custom-made solutionss on the market, no matter whether you're a small business or large enterprise.
Get in touch
Leave a Reply
Feedbacks
![]() This work is licensed under a Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International License. |