CentrioHost 24/7 Live Support

 

allow_url_fopen limitation

Remote file inclusion attacks occur when an attacker pulls files from a remote location on to your server. When you use remote includes, an attacker can write a PHP script and host it on a server, and then use a remote inclusion method to take advantage of inclusion vulnerabilities on your server. With an insecure PHP configuration, attackers can execute the malicious data from their servers, even without read or write permissions on your server. To prevent remote file inclusion attacks, we set the allow_url_fopen and allow_url_include directives to Off in php settings.

Its allowed on our Managed Hosting plan if requested.

Add to Favourites  Add to Favourites    Print this Article  Print this Article

Was this answer helpful?


Hosting Partners
Wildcard SSL Certificates