Why is the phpinfo() function disabled in shared hosting?

The phpinfo() function is disabled in the shared hosting service due to a security vulnerability in PHP 5.3: CVE-2014-4721.

phpinfo() outputs information about PHP’s configuration, such as the values of PHP directives, loaded extensions and environment variables. Even though phpinfo() is disabled, you can still find that information using other functions:

PHP directives: ini_get() and ini_get_all()

Extensions/modules: get_loaded_extensions()

Environment variables: $_ENV

PHP or extension version: phpversion()

In case you have SSH access to the server, “php -i” can also be used to get PHP configuration settings. For example, to get the configuration for the PDO – MySQL extension:

Or to get the version of PHP: