proc_open Laravel error – Fix it without compromising server security
Oops! Is your Laravel website showing proc_open function unavailable error?
The proc_open is a PHP parameter used to execute the command and open file pointers.
Usually, server owners disable this function due to security risk as it allows external calls.
At Bobcares, customers often approach us to fix Laravel errors, as a part of our Server Management Services.
Today, we’ll see how our Support Engineers fix the proc_open error in Laravel.
The proc_open function and Laravel
Laravel is an open-source PHP web framework. This development tool makes the task of website development easier. This is because its code is simple and clean.
It uses many PHP functions in its code for various functionalities. One such PHP function is proc_open. This function executes a command and open file pointers for I/O.
But in most servers, the proc_open function will be disabled due to security risk. This function allows external calls that attackers may utilize. But if Laravel websites use this function at any point, it throws errors.
Recently one of our customers approached us with a proc_open error in Laravel. The error message appeared as,
Our Support Engineers had a closer look at the customer’s server. The customer had a cPanel account in the CloudLinux server with CageFS enabled in it. So to fix the error we have to either enable the proc_open function or avoid using this function.
Next, let’s see how to do this.
How to fix the proc_open error in Laravel?
Due to security concerns, the proc_open function in a server is usually disabled. Our Support Engineers always look if the function has critical importance in the working of the website. If yes, we enable it after ensuring the server security.
Let’s see two instances where we fixed the error.
For a cPanel account
The customer had a cPanel account in a shared hosting server. So before enabling the proc_open function server-wide, we lookout for the security of other customers in the server too.
But for this customer, we enabled it after looking at the security measures available in the server. Here are the steps we did to enable the proc_open function.
- First, we login to the cPanel account of the customer.
- Next, we selected the PHP version that Laravel uses. Here it was 7.2.
- We also selected PHP versions that were not native.
- Then we clicked on Switch to PHP Options on the top-right.
- Later, we added and edited the disabled_function directive. This way, we enabled the proc_open here.
Here we didn’t enable the proc_open function server-wide, rather we enabled it for a single cPanel account. Also, since the server had CageFS enabled, it reduces security risks in the server.
In other shared hosting servers
Enabling the proc_open function server-wide may not acceptable due to security risks. So if the error showed up in a shared hosting server, we recommend our customers to avoid using the function.
Usually, a default Laravel application will not require proc_open() to serve a site. Rather users use it debugging mode for enabling Flare error reporting service. So we publish the flare config file,
php artisan vendor:publish --tag=flare-config
And edit the config/flare.php. Here we set the following parameter false.
'collect_git_information' => false
Hence the application will not use proc_open function.
[Still, having trouble in fixing Laravel errors? – We can help you.]
In short, Laravel is a PHP based web application tool that uses a lot of PHP functions like proc_open. Today, we saw how our Support Engineers enable this function after looking at the security of the server.