As you know there's some php functions to be disabled on shared hosting environments. Searching the Google, I found many lists of these functions. one of these functions is curl_exec
, I can't understand why this function should be disabled? How this function could be vulnerable?
views:
45answers:
2It could be used to create a request loop on itself, which would lock the server. It could also be used to impersonate the site or proxy requests. If those are good enough reasons to disable curl_exex
, really depends how much you trust the code.
I can't comment on why your shared hosting provider has disabled it, but it may be simply to disallow you to script interactions with other websites (possibly to send spam, launch DoS attacks act as a proxy, etc.)
Here is an explanation from another hosting provider I found:
No, you can not enable curl_exec() from cPanel. Please be informed that we have disabled curl_exec() function on our shared server due to security reasons and we can not enable it.
Curl_exec() allows anyone to remotely fetch data from other remote web server and also download & upload files from remote servers.