Enabling and disabling phpinfo() for security reasons

10 April 2009 · by · in Catatan, Info, Tips

Some server administrators may choose to disable the PHP function phpinfo() for security reasons. In cases where phpinfo() is disabled, debugging problems in Drupal (and PHP in general) is much more difficult but the server is also more secure.

If phpinfo() is disabled and you want to enable it, try the following:

* If you have access to the server’s php.ini file and the line that includes the disable_functions directive says disable_functions = phpinfo then change it to disable_functions =
* If you don’t have access to your server’s php.ini file, you may be able to create your own php.ini file and change the disable_functions directive that way. If that doesn’t work, please contact your server administrator.

If phpinfo() is enabled and you want to disable it, try the following:

* If you have access to the server’s php.ini file, change the line that includes the disable_functions directive so that it says disable_functions = phpinfo
* If you don’t have access to your server’s php.ini file, you may be able to create your own php.ini file and change the disable_functions directive that way. If that doesn’t work, you may be able to disable phpinfo() by configuring .htaccess or settings.php files.
o In .htaccess, add a line that says php_value disable_functions phpinfo
o In settings.php, add a line that says ini_set(‘disable_functions’, ‘phpinfo’);

Tags: , , ,