This is not a trick, but a must for server security.
If you would like to limit your users’ ability to execute the code, located on remote servers, you should ensure your php.ini has the following lines:
allow_url_fopen=Off
allow_url_include=Off
Of course, this will not save you from insecure code, but this is one of the first steps you need to perform after server setup.