allow_url_include is On (warning, you should have this param in Off state, or your site will unsafe)

How might I switch this thing off?

Quote · 8 May 2009

u can set it to off from your cpanel.

open php.ini and set the desired value, then save.

that is all
Quote · 8 May 2009

via .htaccess file as usual (yes, unsafe a little, but you will unable to register dolphin) :)

Quote · 8 May 2009

Thanks guys! Barrier broken "I'm in!"

Quote · 8 May 2009

Im having the same problem, Im running php5 on

I had the PHP config make a php.ini since there was none there, i changed the value to off not on.

I still get the same message..

Any ideas?


Quote · 9 May 2009

I am also on blue host with same problem. I have turned on FastCgi on so that one php.ini file is required for all the directories. I changed allow_url_include to off. Dolphin installed but still getting lots of cron mails saying allow_url_include is ON. Strange.

Quote · 13 May 2009

Hi. I am getting the same error when I log into the admin area:

allow_url_include is On (warning, you should have this param in Off state, or your site will unsafe)
Please go to the
Dolphin Troubleshooter
and solve the problem.

I set up a phpinfo.php file, and it indicates that allow_url_include is OFF

I have it set to off in both my htaccess and php.ini files

It was working, and I think I may have made a change to something in php.ini which may have triggered this.

The site is

Dolphin 6.1.6 on Apthost shared server

Any suggestions or ideas?


Quote · 6 Aug 2009

My host is Bluehost. After several attempts of trying to get anything over Dolphin 6.12 to work, I finally figured out the problem and solution. The problem is Bluehost has 3 settings for php server settings. These are all available from the Cpanel under Software/Services PCP Config oprion. Here is the process:


Here are your options are once you click on PHP Config:


1. PHP5

All files with the extension .php will be handled by the PHP5 engine.
Current, most reliable and best performing version of PHP

2. PHP5 (Single php.ini)
Same as PHP5, but all subdirectories will use ~/public_html/php.ini

3. PHP5 (FastCGI)
All files with the extension .php will be handled by PHP5 FastCGI processes.
FastCGI for PHP makes all your PHP applications run through mod_fastcgi instead of mod_suphp. This eliminates the overhead of loading the PHP interpretor on every hit. Since it is always in memory ready for the next hit, the responses will be generated faster.

Here is what I suggest for security reasons and ease of implementation:


Select Option 2 PHP5 (Single php.ini)  


Next scroll down to the next section on that page and select Install Default php.ini

Don't select Ioncube or SourceGuardian unless those are installed and needed by other scripts running on the server.


This will creat a file in your root (public_html) folder called php.ini.default. Rename the file to php.ini and then look for the following line of code (should be somewhere around line 494:


allow_url_include = On


Make sure this is set to Off not On.


allow_url_include = Off


Your done. Now all scripts will utilize the one php.ini for configuration settings.


Hope this helps.





Quote · 20 Oct 2009