PHP has a lot of functions which can be used to crack your server if not used properly. You can set list of functions in php.ini using disable_functions directive. This directive allows you to disable certain functions for security reasons. It takes on a comma-delimited list of function names.
Open a terminal application or login to your server over the ssh session using ssh command. Open php.ini file using a text editor such as vim command or nano command:
sudo nano /etc/php/8.0/fpm/php.ini
Find disable_functions and set new list as follows:
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
We also recommend to disable allow_url_include and allow_url_fopen for security reasons:
allow_url_fopen=Off allow_url_include=Off
Restart PHP with command:
systemctl restart php8.0-fpm