For security reasons it's recommended to set always off allow_url_fopen at a global level.

But allow_url_fopen is considered a global PHP configuration value, and thus enabling it on a per-domain basis isn't allowed when it's disabled in the global PHP configuration file.

allow_url_fopen is a value labeled system, and cannot be altered in a local ini file. Since the options set in the MultiPHP Manager through cPanel are local changes, this will not work.

(For a full list of values and their types, see  )

So, what if a single site need allow_url_fopen enabled ?

Any labeled PHP_INI_SYSTEM cannot be changed by local ini files. The exception to this is that when using the SuPHP handler you can overwrite the "system" ini location to the local files using suPHP_ConfigPath in the .htaccess file.
This can be done by specifying the new system php.ini in the users .htaccess file with a line like the following.

suPHP_ConfigPath /home/$user/php.ini

In order to enable this it's recommended that you set it in WHM for the System INI(Home »Software »MultiPHP Manager).
Since you do not want this change done system-wide, you do have the option of using a custom configuration using a local php.ini after changing the users PHP handler to SuPHP.
This requires a fully formed php.ini and would allow the user access to changing all variables in it.

The best method to start this configuration, would be to copy the php.ini to the local home directory.

cp /opt/cpanel/ea-php56/root/etc/php.ini /home/user/

If you place the php.ini in the public_html, it's recommended securing the file from being accessible with a standard deny entry. 

For example:

<Files php.ini>
order allow,deny
deny from all

Found this article interesting?
Subscribe to DomainRegister´s newsletter!

You can unsubscribe at any time by simply clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp s privacy practices here.

  • cPanel, php, security
  • 3 Users Found This Useful
Was this answer helpful?

Related Articles

 How do I turn off Directory Listing in cPanel?

In cPanel scroll down to the Advanced section and choose "Index Manager"Choose to open "Web root"...

 How to enable HotLink protection in cPanel

To enable hotlink protection in cPanel: Click on Hotlink Protection on the main screen of...

 How to show hidden files in cPanel File Manager

You can edit dotfiles (like .htaccess for example) via cPanel File manager, but they're "hidden"...

 What is the difference between the cPanel Dedicated License and the cPanel VPS License?

The type of cPanel license you need and use depends on the type of server that has been set up;...

 cPanel Supported Virtual Environments

cPanel products support the following virtual environments: Virtual environment...