Hi @mshahamirian.
Sorry for the response delay, the email about this ended up in my spam folder. But now that I’m here…
IS THAT REALLY REQUIRED?
Hosting Monitor does need to run shell_exec() to get the disk space. Without it the plugin would need to use PHP to scan every file itself — and that’s a problem because (a) it’s slow, and (b) file permissions could block it anyway.
FIXING IT:
When you get a message about a disabled function it usually means that either your host or server admin has disabled it during PHP install. Let’s figure out who should un-disable this:
* Did you setup the server yourself & have root access? If so, then try grepping to find where that’s disabled & change it: grep -iw “shell_exec” /{your path to the PHP.ini file}/php.ini (and if you need to find your php.ini, just load a php file with only <?php phpinfo; ?> and pull it up in a browser.
* Can you edit your php.ini file via a hosting dashboard (like cPanel or similar)? If so, then open php.ini & search for “shell_exec”. Then restart the php and/or Apache process and things should be fixed.
* Does your host control all the PHP settings? Send them a support request to see if they’ll relax this requirement. Very few hosts block this, but among those that do, it’s about 50/50 on whether they’ll un-block it when you ask.
…if your host compllains about security, it’s worth noting:
The shell_exec() in Hosting Monitor doesn’t take user input & run it. It’s a hard-coded command that doesn’t affect security. And, if a hacker did get enough access to your site to change that command, then they’re already able to do more damage than shell_exec could on its own.
TL;DR
You may be able to change this setting yourself if you’re a server admin or have a good hosting control panel. Otherwise contact your host & ask them to enable it.
Since this seems to be a hosting/server-config issue & haven’t heard back in a week, I’m going to resolve this issue.
@mshahamirian, feel free to post back with more details or letting us know how it was fixed.
Hi @mbijon
Since my last post I tried to fix it by myself and know I get this error
Warning: shell_exec() has been disabled for security reasons in /home/hafezfan/public_html/wp-content/plugins/hosting-monitor/hosting-monitor.php on line 468
I have access to the host panel(cpanel) but don’t know how to edit php.ini
I’ve also searched about it and found that ‘php.ini file is located in the /usr/local/lib/ directory’ but I can’t find it
I know it’s the same error but on different line.
Hi again, you’ll see that same error on several lines until your host enables PHP’s shell_exec().
It sounds like your host either doesn’t let you edit php.ini through cPanel, or that you’re not a sysadmin & working in php.ini is risky. So the best option for you is probably my #3 from above:
“Does your host control all the PHP settings? Send them a support request to see if they’ll relax this requirement. Very few hosts block this, but among those that do, it’s about 50/50 on whether they’ll un-block it when you ask.”
Let me know what your hosts says here. Do you mind mentioning what host it is, so I can track which hosts this plugin may have trouble on?
