You need to know the following:
If enabled, allow_url_fopen allows PHP's file functions -- such as file_get_contents() and the include and require statements -- can retrieve data from remote locations, like an FTP or web site. Programmers frequently forget this and don't do proper input filtering when passing user-provided data to these functions, opening them up to code injection vulnerabilities. A large number of code injection vulnerabilities reported in PHP-based web applications are caused by the combination of enabling allow_url_fopen and bad input filtering.
You should [color=#CC0000]disable[/color] allow_url_fopen in the php.ini file[/b]
Source: The PHP Security Consortium
Maximum Cash Discount on any plan with MAXCASH