Why are exec(), system() disabled in a shared server environment

The reason we disable exec() and system() on our shared servers is purely security related. 

The problem with these functions is that vast majority of end-users do not keep their scripts up-to-date, and in turn allows exploits to be made with vulnerabilities in those scripts. If functions such as exec(), system(), passthru() are left enabled, this can open up a pandoras box for the host. In situation where script is exploited, the villain may use these functions to do damage to the server environment. 

OrangeWebsite.com keeps it's servers most dangerous functions disabled by default. This includes phpinfo() as it poses a risk as it display all the server information for one to exploit. We keep a tight ship for our clients, if at any time you need these functions we highly recommend you look at our VPS Solutions or our Dedicated Servers.
  • 4 utilizatori au considerat informația utilă
Răspunsul a fost util?

Articole similare

PHP/Zend Modules installed on all our Shared Servers

Below is a list which stores all the default installed PHP modules that comes with all of our...

Is it possible for me to change the server time?

The server clock is set to Greenwich Mean Time (GMT). You cannot change the time on a shared...

Is it possible for me to change the email timestamp?

Each webmail client has a timezone setting, which is set to the server clock by default....

Can I use Boonex Software (Ray, Dolphin & Orca) ?

This software will work on our shared servers. However you will NOT be able to use the...

Apache Modules installed on all of our Shared Servers

Apache Modules installed on all of our shared servers are listed below. Apache Modules...