Why is phpinfo() Disabled and How to Enable It

Disabling the PHP function phpinfo() has a good reason behind it — security. The phpinfo() function shows information about server settings, PHP values and the Kernel version. Such information can be used for malicious activity and hacker attacks on your website. The downside of disabling phpinfo(), though, is that debugging problems in PHP applications becomes much more difficult.

In this guide we will show you how to enable it on a WHM/cPanel server, in case it has been deactivated.

This post includes:

• Why is phpinfo Disabled?
• How to Enable phpinfo()?
• Via the MultiPHP Manager
• Via the MultiPHP INI Editor
• Conclusion

Why is phpinfo Disabled?

As we mentioned above, disabling phpinfo is for security reasons. The function shows information about your server which can be used by malicious actors to harm it. The function will not directly enable hackers to harm your server, but instead it can give them the information they need to find a way around your defences. 

However, if your WHM/cPanel server is running reliable security software you should not be concerned about phpinfo(). Your security software should stop any attempts at your server before they can do any harm, even if a hacker does have the necessary information from the phpinfo() function. Again: the function by itself will not harm your server.

How to Enable phpinfo()?

The function can be enabled by the administrator of the server in question. That means only people with root-level privileges can enable the phpinfo() function.

If you are one such user then you have two ways to do that.

Via the MultiPHP Manager

The first method uses WHM’s MultiPHP Manager tool. To access it follow these steps:

• Log into your root account in WHM;
• Search for the tool in either search bar. It should appear under the Software section;
• After opening the tool, look for the Manage Settings button in the PHP-FPM section;
• When you open the settings you will see the Disabled Functions field. If phpinfo() has been deactivated, then it will likely be present there. You can remove it by clicking the x next to it.

Don’t forget to click the Update button when you are ready. That will save your changes and enable phpinfo() on the server.

Via the MultiPHP INI Editor

This method is a variation of the previous one, but allows you to enable, or disable, the function for individual PHP versions. Once more, you will need root privileges for your server. 

• Log into your WHM root account;
• Look for the MultiPHP Ini Editor in the Software section;
• You will see two tabs: Basic Mode and Editor Mode. Select the latter and then select the PHP version.

• Selecting the PHP version will open that version’s own php.ini file. In it, search for the disable_functions rule. If phpinfo() is deactivated it will be listed there. Simply remove it from the list and save your changes;

The MultiPHP INI Editor method gives you more precise control over the phpinfo() function, in case you want to turn it off only on certain PHP versions.

Conclusion

As you can see, the process of enabling the phpinfo() function is not difficult. It is just a few clicks or a quick removal of the function from a list. The only hurdle here is that you need root-level access to your server. If you do not have it we recommend you contact the server owner, as they should be able to enable it for you.

Related articles

• How to Change the Max Memory and Max Upload Limit
• How to Set the max_input_vars Directive for Your Entire Hosting Account
• What Versions of PHP are Available at FastComet?
• How to Set Custom PHP Version per Directory
• How to Create phpinfo File and Check PHP Information