Phpinfo() disabled on server


Hi there Server Configurators,

I have recently converted my site to HTTPS and have discovered
that "phpinfo()" does not work with this configuration. :unhappy:

As my host has unsupported php installed - ( 5.5.7 ) and has
promised to upgrade it in the near future, I need to make
regular checks on this assertion.

I know that I could disable the SSL and then check, but that process
would be an absolute pain in the arse.:wonky:

Are there htaccess or other methods that would resolve this problem?



What do you want with phpinfo()? What isn't working exactly?

Also if your host is still on PHP 5.5 I would strongly suggest you find a different host.


I want to see the information that this code...


... creates displayed in my browser when it uses HTTPS. :sunglasses:

Here is the link in question...

Obviously, as can be seen, the page in question is not working. :rolleyes:

That process would also be an absolute pain in the arse. :eyebrows:

At my advanced age, I tend to treat each day as though it may be my last. :rofl:



Try this instead which hopefully will override the phpinfo() settings and show errors and warnings:

  ini_set('html_errors', '1');
  ini_set('display_errors', '1');
  ini_set('display_startup_errors', '1');



You could also use this site to check .htaccess is working correctly.


Hi there John,

thanks for your reply. :winky:

Unfortunately, without or with the closing tag, I now get this information...

Warning: phpinfo() has been disabled for security reasons in
/services/webpages/c/o/ on line 6



Hi @coothead,

I am glad it worked, it looks as though your service provider is being super careful.

Are you just curious about the phpinfo() results or require specific information? If the latter then there may be other means of obtaining the information.


At any rate it doesn't have anything to do with https :slight_smile:

So I'll move this over to the PHP forum as it's no longer a server configuration question.


Hi there John,

Yes it is the latter. :winky:

The phpinfo() used to give the server's installed version right at beginning.

This is really all that I require.

Is there an alternative method to ascertain the installed version?



I agree that exposing that information can be a security risk. IMHO, instead of not exposing the fact that a site has a vulnerability it would be better to upgrade / reconfigure so a known vulnerabilitiy doesn't exist.

In any case, phpinfo is kind of like a "get everything at once" function. It might still be possible to put together your own version of a phpinfo getting the individual information you're interested in. Tedious, but hopefully only a one time job. eg.

if ( function_exists('phpversion') ) { 
  echo phpversion(); 
} else { 
  echo 'phpversion does not exist'; 
if ( function_exists('get_loaded_extensions') ) { 
  print_r( get_loaded_extensions() ); 
} else { 
  echo 'get_loaded_extensions does not exist'; 

etc. similar with ini_get() for individual settings. And you could put the strings into arrays to reduce repetitive if else code.


Hi there Mittineague,

thank you for your reply. :winky:


if ( function_exists('phpversion') ) { 
  echo phpversion(); 

...solved my problem.

My host, I now see, has upgraded to version 5.6.31 which is
supported for critical security issues only until 31/12/2018.

So I must be thankful for small mercies.

I will now press them shortly for the upgrade to 7.2.



Just be careful about what you wish for. There are several bc breaks (aka fixes) between 5.6 and 7.2. Especially the count function. Make sure you thoroughly test your code before the update.


<?php echo 1 <=> 2 ?>

if you see a -1, PHP 7 is running.
If you see an error, PHP 5 is running.
If you see the code, PHP is not running.
If you see absolutely nothing, PHP 5 is running and your host has turned off error reporting.

(Simplest version check - find a difference between versions, and run the command. In this case, the 'spaceship operator'.)


It seems that I am the unfortunate possessor of a naughty host. :eyebrows:



Grab the lines out of @John_Betong's post above, see if you can force PHP into spitting the errors out. Probably an unnecessary step ("Until you see a -1, PHP isnt running version 7"), but not bad practice anyway :wink:


Did you think to eval php -i

closed #16

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.