Jump to content

Recommended Posts

 

I have recently embarked on understanding linux at command line, the sole reason for doing so is so i can use fsockopen or curl for INP scripts with paypal and similar scripts for another bank.

 

I contacted my old hosting company the yesterday (bb-online), as they are pretty friendly and know their stuff, to ask again why they did not allow the use of fsockopen or curl on their shared hosting... they returned to say they did not really know why... but they are not the only ones, when i searched i couldn't find a single host that would allow it.

 

Does anyone know the reason why shared hosting doesn't allow fsockopen or curl??

Link to comment
https://forums.phpfreaks.com/topic/249068-why-no-fsockopen-on-shared/
Share on other sites

My guess would be as a protection against illegitimate use. For example, fsockopen() allows you to make direct connections to servers and send/receive data from them while cURL makes it easy to farm content from websites. As if they feel that the bad uses outweigh the good uses (which, if you ask me, they don't).

 

Can't find a single host supporting either? That's surprising.

INP scripts with paypal and similar scripts for another bank.

 

Here's a different slant on the problem. You wouldn't want to use shared web hosting for an actual ecommerce site anyway. The database server that your account can access can also be accessed by all the other accounts that have been given access rights to that database server and database servers like mysql don't have bad login attempt/lockout protection against brute-force cracking attempts, so a script on any account can sit there 24/7 and try database usernames/passwords until they eventually connect to and have access to your database information. The security is only as strong as the strength of your database username/password. This is one of the two main reasons for hashing passwords that are stored in databases (the other reason being that not protecting against sql injection can allow outputting all the information in your database tables.)

 

For an ecommerce site, at a minimum, you would want either VPS or dedicated hosting where the database server is only accessible by your scripts.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.