I'm attempting to lock down my server and I'd like to disable some high risk functions (listed below).
Could someone tell me which ones Magento2 needs to work correctly so I can disable the rest?
system, exec, shell_exec, passthru, phpinfo, show_source, popen, proc_open, fopen_with_path, dbmopen, dbase_open, putenv, move_uploaded_file, chdir, mkdir, rmdir, chmod, rename, filepro, filepro_rowcount, filepro_retrieve, posix_mkfifo, ini_set
More than a week has passed since you created this post.
Were you able to find a solution?
Actually I was rather hoping someone who knows the ins and outs of Magento from a development point of view might be able to advise as I haven't added any of the functions to my disable_functions list, and I probably should.
Unfortunately, I'm not sure what features it'll break so I haven't yet done so but I would like to.
Is my question in the right place? Or should we move it somewhere more appropriate?
Thanks in advance.