The PHP parameter allow_url_fopen has been disabled in PHP across our web hosting services as a security measure.

When enabled, allow_url_fopen allows PHP's file functions to retrieve data from remote locations such as an FTP server or website which can lead to code injection vulnerabilities. Typically these code injection vulnerabilities occur from improper input filtering when passing user-provided data to PHP functions. Disabling this function helps considerably in stopping your site from being compromised, as well as help prevent the unauthorised use of our servers for abusive or malicious purposes.

Was this answer helpful?

Related Articles

We have a security measure in place in PHP on all servers called "open_basedir". This is where PHP scripts are restricted with regard to what parts...
The path to Python on our servers is: /usr/bin/python
Imagemagick is a popular utility for manipulation of image files within scripts and is often used by image galleries. The ImageMagick files are...
The Ioncube loaders are installed and ready for use so you don't need to do anything to use them.
We run suPHP on our servers, so PHP is running as CGI.