Allow_URL_Fopen Limitation

Remote file inclusion attacks occur when an attacker pulls files from a remote location on to your server. When you use remote includes, an attacker can write a PHP script and host it on a server, and then use a remote inclusion method to take advantage of inclusion vulnerabilities on your server. With an insecure PHP configuration, attackers can execute the malicious data from their servers, even without read or write permissions on your server. To prevent remote file inclusion attacks, we set the allow_url_fopen and allow_url_include directives to Off in php settings.

Its allowed on our Managed Hosting plan if requested.

Was this answer helpful? 0 Users Found This Useful

Related Articles

Max_User_Connection Limit

In our all shared server max_user_connection for mysql has been set to 100. This is to prevent...

Memory Restriction

Our servers are hardened with a process memory restriction. A soft limit is set to 256 MB and a...