BIP KB:
URL File-Access Is Disabled Error After Upgrading To PHP 5.2
Article By petter
If you have recently upgraded to PHP 5.2.x or newer and are getting an error on your site saying URL file-access is disabled in the server configuration, you may be affected by a new PHP configuration change. As of PHP 5.2.0, a new configuration directive, allow_url_include, was introduced in an effort to enhance security in file inclusion. The introduction of this directive allows an admin to keep allow_url_fopen enabled for scripts that need it, but disable remote includes for include() and require() functions.
Tags: php, troubleshooting, upgrading centos, Disabled, Error, File Access
Note: We should take a moment to point out that enabling allow_url_fopen and allow_url_include are both strongly discouraged because of the potential for inclusion of remote URLs which can then execute arbitrary code. Furthermore, enabling protection via these two directives only prevents execution of arbitrary code from common URL handlers (e.g. http: and ftp:) and not other attack vectors. For ultimate security in this regard, consider using Suhosin as per this article on the developer's website.
With the above in mind, if you still decide that you need to have URL file-access enabled for your includes, you will need to add the new directive to your php.ini since it is not already defined and defaults to disabled (0). On a blank line in your php.ini (/usr/local/lib/php.ini on cPanel servers), add the following:
With the above in mind, if you still decide that you need to have URL file-access enabled for your includes, you will need to add the new directive to your php.ini since it is not already defined and defaults to disabled (0). On a blank line in your php.ini (/usr/local/lib/php.ini on cPanel servers), add the following:
allow_url_include = OnRestart your webserver and you're done.
Tags: php, troubleshooting, upgrading centos, Disabled, Error, File Access
Spin Up A VPS Server In No Time Flat
Simple Setup
Full Root Access
Straightforward Pricing
DEPLOY A SECURE VPS SERVER TODAY!Leave a Reply
Feedbacks
![]() This work is licensed under a Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International License. |