Warning: escapeshellarg() has been disabled for security reasons

Jump to: navigation, search
       MediaWiki 1.16.0
       PHP      5.3.6 (cgi-fcgi)
       Database 5.1.56-log MySQL

http://www.nifrpg.net/wiki/index.php?title=Main_Page

Whenever we try to upload an image, we get this error: Warning: escapeshellarg() has been disabled for security reasons in /*****/*****/public_html/*****/includes/GlobalFunctions.php on line 1473 and the image doesn't upload. In place of where the image should appear, the following is there instead: Error creating thumbnail: Unable to run external programs in safe mode. How do we fix this please?

173.23.136.2306:39, 13 August 2011

Your ISP has the safe_mode setting enabled. Learn more here.

In short, yes, MediaWiki will work under safe mode but you're better off contacting your ISP and asking them to disable safe_mode. You might have to look for another host, at worst. I configure things myself, so I recommend Linode.

Frozen Wind07:31, 13 August 2011

Thank you :)

173.23.136.2307:35, 19 August 2011
 

My ISP has disabled some php functions, a.o. passthru() and escapeshellarg(). This has to do with the risk of running these functions in combination with user-supplied arguments. So, in my case, this warning has nothing to do with the safe_mode setting in php.ini. My ISP claims that most security breaches could be traced back to the misuse of these functions. Security is, of course, also in our interest. I wonder how other ISP's can guarantee security, while leaving commands like passthru(), shell_exec(), and exec() open for user-supplied arguments.

82.169.100.5109:22, 10 April 2012

Other hosts configure their systems properly. Maybe they can also invest more money into qualified personal, maybe because their customers pay more or because they work more efficiently; reasons may vary.

88.130.101.24611:15, 10 April 2012