What is 'allow_url_fopen' means? 'allow_url_fopen' is a way to allowing PHP script to execute request that users input from outside of your server/external sources.
Should I 'allow_url_fopen' is enabled or keep it off ? it depended on your sites purpose, if your site need to execute an API request or another scripting from external sources, then it must, But if your site only run a normal blog then it does not matter if it 'enabled' or 'disabled'.
For some peoples who want to use turnkey script or PHP script, they may need to 'enable' 'allow_url_fopen' feature because the script will not able work properly, for an example take a look at A to Z SEO Tools script installation requirement, and nowaday most PHP script or turnkey script required 'allow_url_fopen' to enabled.
To enable 'allow_url_fopen' in your web hosting server, there some way to make it happen, which:
Pretty simple for this, you just need to create support ticket or use their live chat to ask them to 'enable' 'allow_url_fopen' feature for your web host control panel.
First, you need to login to your web control panel, as for me I using "Cpanel" as my web host control panel, then open: File Manager > Public_HTML > .htacsess file and put this code into it, To "disable" it you just need to remove that code from your .htaccess file.
php_value allow_url_fopen On
Login into your web hosting control panel, then File Manager > Public_HTML then create new file and named it as "php.ini" then copy and paste this code into it.
allow_url_fopen = on
Finally, these 3 ways allow you to enable or disable your 'allow_url_fopen' setting and it works to most all server types that available today. Turnkey or PHP Script need to 'allow_url_fopen' enabled while enabling 'allow_url_fopen' can bring harm to your site, which allow mr.x access your files remotely and end up draining all your resources so do not enable it unless you need it.