Hi @mshahamirian.
Sorry for the response delay, the email about this ended up in my spam folder. But now that I’m here…
IS THAT REALLY REQUIRED?
Hosting Monitor does need to run shell_exec() to get the disk space. Without it the plugin would need to use PHP to scan every file itself — and that’s a problem because (a) it’s slow, and (b) file permissions could block it anyway.
FIXING IT:
When you get a message about a disabled function it usually means that either your host or server admin has disabled it during PHP install. Let’s figure out who should un-disable this:
* Did you setup the server yourself & have root access? If so, then try grepping to find where that’s disabled & change it: grep -iw “shell_exec” /{your path to the PHP.ini file}/php.ini (and if you need to find your php.ini, just load a php file with only <?php phpinfo; ?> and pull it up in a browser.
* Can you edit your php.ini file via a hosting dashboard (like cPanel or similar)? If so, then open php.ini & search for “shell_exec”. Then restart the php and/or Apache process and things should be fixed.
* Does your host control all the PHP settings? Send them a support request to see if they’ll relax this requirement. Very few hosts block this, but among those that do, it’s about 50/50 on whether they’ll un-block it when you ask.
…if your host compllains about security, it’s worth noting:
The shell_exec() in Hosting Monitor doesn’t take user input & run it. It’s a hard-coded command that doesn’t affect security. And, if a hacker did get enough access to your site to change that command, then they’re already able to do more damage than shell_exec could on its own.
TL;DR
You may be able to change this setting yourself if you’re a server admin or have a good hosting control panel. Otherwise contact your host & ask them to enable it.
