Composer escapeshellarg() has been disabled for security reasons

Question

Hey I have a server on linode.com (Centos 7). I installed cpanel and composer in my server, when I run this command (via ssh) for creating a blank symfony project,

composer create-project symfony/framework-standard-edition '~2.6'

It outputs this:

Installing symfony/framework-standard-edition (v2.7.4)
  - Installing symfony/framework-standard-edition (v2.7.4)
    Downloading: 100%         



  [ErrorException]                                         
  escapeshellarg() has been disabled for security reasons  

How can i fix this?

I don't have much knowledge on server moreover it's my first server, if it's because of cpanel I think it will do it again and again in future, is cpanel an obstruction for me?

Answer 1

I fixed it by editing my php.ini file.

You can find your php.ini location with this command:

php -i | grep "Loaded Configuration File"

I searched escapesshellarg, and found it in disable_functions=. I deleted it from disable_functions and that fixed it.

Answer 2

You can use php -n, no php.ini file will be used.

Enabling escapeshellarg could be a security problem with mod_php or php-fpm.