PHP has a lot of functions which can be used to crack your server if not used properly. You can set list of functions in php.ini using disable_functions directive. This directive allows you to disable certain functions for security reasons. It takes on a comma-delimited list of function names.
Open a terminal application or login to your server over the ssh session using ssh command. Open php.ini file using a text editor such as vim command or nano command:
sudo nano /etc/php/8.0/fpm/php.ini
Find disable_functions and set new list as follows:
We also recommend to disable allow_url_include and allow_url_fopen for security reasons:
Restart PHP with command:
systemctl restart php8.0-fpm