allow_url_fopen is Off in php.ini and On in phpinfo()

SRQ_civicrm

Member
Feb 27, 2021
6
1
3
Daw5:U5a
cPanel Access Level
Root Administrator
allow_url_fopen is disabled in WHM's Multi PHP INI Editor and php.ini sets it explicitly to Off. None of the files in php.d touch it. And yet, phpinfo() reports it as On. Any thoughts on where that On is coming from? [WHM v92.0.11 on CENTOS 7.9]
 

Attachments

Last edited:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,974
921
313
cPanel Access Level
Root Administrator
Hey there! A bit further up in the PHP Info page you've created you'll see a "loaded configuration" line. Does that list any other configuration files for PHP on the system? There could be a local value in public_html leading to this behavior for that specific domain.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,974
921
313
cPanel Access Level
Root Administrator
That's interesting - on my personal system, I setup a domain to use PHP 7.3, and confirmed the php.ini has allow_url_fopen set to "off" by default. I then checked a PHP info page and confirmed that value was "off" there as well.

What if you try running this on the system?

Code:
#/opt/cpanel/ea-php73/root/usr/bin/php /home/username/public_html/phpinfo.php | grep allow_url_fopen
allow_url_fopen => Off => Off
That will perform a check of the PHP Info page manually on the command line with PHP version 7.3, and might show something different than the browser.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,974
921
313
cPanel Access Level
Root Administrator
Progress! So that would confirm that things on the server side are working well.

Are we certain the domain name and PHP Info page you're checking in the browser has its DNS pointed to the same machine you're checking on command line? If you have another machine with Curl installed you could run "curl -v Best Website Builder Online | Yoursite" to see if there is any odd redirection happening and what IP address is returning that content.
 

SRQ_civicrm

Member
Feb 27, 2021
6
1
3
Daw5:U5a
cPanel Access Level
Root Administrator
An interesting possibility! I added an "echo ..." at the end of phpinfo.php. The echoed line showed up in both the web and local runs of phpinfo.php, so it is indeed the same server and script. Attached is a side by side comparison of the more interesting bits from both outputs. The only difference I can find is the url_fopen setting. Damn!!
 

Attachments