Feb 17, 2022
RunCloud takes the security of your web applications very seriously and has disabled many native PHP functions and features by default. However, you do have complete control over what is enabled and disabled. Removing the entire list of disabled functions can leave your server severely vulnerable to abuse and misuse and is not recommended.
Here is a list of disabled functions by default:
getmyuid,passthru,leak,listen,diskfreespace,tmpfile,link,ignore_user_abort,dl,set_time_limit,system,highlight_file,source,show_source,fpassthru,virtual,posix_ctermid,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix,_getppid,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_times,posix_ttyname,posix_uname,proc_open,proc_close,proc_nice,proc_terminate,escapeshellcmd,ini_alter,popen,pcntl_exec,socket_accept,socket_bind,socket_clear_error,socket_close,socket_connect,symlink,posix_geteuid,ini_alter,socket_listen,socket_create_listen,socket_read,socket_create_pair,stream_socket_server,shell_exec,exec
To enable a feature, navigate to your Web Application and select Settings on the menu. Navigate the disable_functions section and then simply remove the function from the list.
For example, many developers may find themselves needing to send a shell command via code and will not be able to use it until this feature is lifted from its restriction. So to enable the function, remove shell_exec from the list and hit Update PHP Settings. The changes will be immediate and you will be able to use shell_exec without any issues.
It is highly recommended that you leave in all the default disabled functions.