What is 'allow_url_fopen' means? 'allow_url_fopen' is a way to allowing PHP script to execute request that users input from outside of your server/external sources.
Should I 'allow_url_fopen' is enabled or keep it off ? it depended on your sites purpose, if your site need to execute an API request or another scripting from external sources, then it must, But if your site only run a normal blog then it does not matter if it 'enabled' or 'disabled'.
For some peoples who want to use turnkey script or PHP script, they may need to 'enable' 'allow_url_fopen' feature because the script will not able work properly, for an example take a look at A to Z SEO Tools script installation requirement, and nowaday most PHP script or turnkey script required 'allow_url_fopen' to enabled.
To Enable allow_url_fopen from your Web Control Panel
To enable 'allow_url_fopen' in your web hosting server, there some way to make it happen, which:
Ask your Web Hosting support to do it for you.
Do it by your self at .htaccess in your web hosting control panel.
Turn it 'On' with php.ini file.
1. Ask Your Web Hosting Support
Pretty simple for this, you just need to create support ticket or use their live chat to ask them to 'enable' 'allow_url_fopen' feature for your web host control panel.
2. Enable allow_url_fopen with .htaccess file
First, you need to login to your web control panel, as for me I using "Cpanel" as my web host control panel, then open: File Manager > Public_HTML > .htacsess file and put this code into it, To "disable" it you just need to remove that code from your .htaccess file.
php_value allow_url_fopen On
3. Enable alow_url_fopen with PHP.ini file
Login into your web hosting control panel, then File Manager > Public_HTML then create new file and named it as "php.ini" then copy and paste this code into it.
allow_url_fopen = on
Final Thought of allow_url_fopen
Finally, these 3 ways allow you to enable or disable your 'allow_url_fopen' setting and it works to most all server types that available today. Turnkey or PHP Script need to 'allow_url_fopen' enabled while enabling 'allow_url_fopen' can bring harm to your site, which allow mr.x access your files remotely and end up draining all your resources so do not enable it unless you need it.