Enable allow_url_fopen


#1

Hi. I saw that DreamHost have allow_url_fopen disabled.
Tech support told me to come here.

How can I enable it? I need to install my own php right? I have no expirience on it, I don’t know anything.
How can I install and enable allow_url_fopen ?


#2

It would be better to explain the type type of program you want to use. Even would be better would be a clip of the code of where the fopen is being used if possible. If it is against the license of the program then don’t worry about posting the code.
Reason why I said the above is that it may be possible for someone to rewrite the code using curl. As curl is more secure than fopen is.
Most people here will try to discourage you from enabling url fopen because it is unsecure and this is a shared server.
Silk

My website


#3

Here’s the wiki article with some cURL info that might help.

Here’s one on compiling your own PHP if you want to go that route.

More on cURL at the PHP site.


:stuck_out_tongue: Maximum savings promo code: MaxSavingsAtDH


#4

You need to know the following:

If enabled, allow_url_fopen allows PHP’s file functions – such as file_get_contents() and the include and require statements – can retrieve data from remote locations, like an FTP or web site. Programmers frequently forget this and don’t do proper input filtering when passing user-provided data to these functions, opening them up to code injection vulnerabilities. A large number of code injection vulnerabilities reported in PHP-based web applications are caused by the combination of enabling allow_url_fopen and bad input filtering.

[b]Recommendations:

You should [color=#CC0000]disable[/color] allow_url_fopen in the php.ini file[/b]

Source: The PHP Security Consortium

Maximum Cash Discount on any plan with MAXCASH