Php Ini Configuration
Php Ini Configuration
By changing some value of php.ini file we can increase memory limit and other configurations. File location is C:\xampp\apache\bin\php.ini for XAMPP. For online you will get Under Public_Html. By default it may not exist in Public_Html. So you can create a empty php.ini file here for configuration
Definition of php.ini Settings
expose_php = Off: hide php code and version. Hide your PHP code from being viewed from a browser or scraped from a bot.
allow_url_fopen = On : disables retrieving data from remote locations using php ftp or http proto
allow_url_include = Off: disables attaching files to urls that can be written back into the database
display_errors = Off : Disable displaying errors to screen
log_errors = on: Enable writing errors to server logs
enable_dl = Off: enable_dl
is on by default and allows open_basedir
restrictions, which limit the files a script can access, to be ignored. For that reason, it’s a dangerous option and should be explicitly turned off.
file_uploads = On: allows wordpress uploads
max_execution_time = 30: Kills processes that are stuck or taking longer than 30 seconds to complete. Uploading video or audio can take longer that 30 seconds.
max_input_time = 30: Kills processes that are stuck or taking longer than 30 seconds to complete. Adjust this to fit your needs. Uploading video or audio can sometimes take longer that 30 seconds.
memory_limit = 40M: Kills processes that are stuck or taking longer than 30 seconds to complete. Adjust this to fit your needs. Uploading video or audio can sometimes take longer that 30 seconds.max_input_vars = 1000
post_max_size = 516M : It is maximum file upload size
session.gc_maxlifetime = 1440: This value 1440 seconds defines how long an unused PHP session will be kept alive. E.g. A user logs in, browses through your application or web site, for hours, for days. No issue. As long as the time between his clicks never exceed 1440 seconds.
session.save_path = “/var/cpanel/php/sessions/ea-php72”
upload_max_filesize = 512M: It is maximum file upload size
zlib.output_compression = Off : The zlib extension offers the option to transparently compress your pages on-the-fly, if the requesting for browser supports this
session.cookie_httponly = off: Javascript Cookie Protection. If an attacker can manages to inject Javascript code for stealing user’s current cookies – the document.cookie string – the HttpOnly cookie you have set won’t show up in the list.
disable_functions=exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source : disabling dangerous PHP functions. Disable these most vulnerable to attack server functions that are rarely used
base64_decode = Off : turn base64 garbage off. Lots of bad thing hide in encrypted code and Base64 is the garbage of the internet. This will block any Base64 code from even running. Protecting you from a world of hidden virus and back door payloads. As an added bonus, lots of the themes in the WordPress theme gallery chooser are full of encrypted footers with author links, logos and nags to buy something. This will weed out those crap themes because they won’t work at all.
Php Ini Configuration 1 (Standard)
By default, it will not be present. Sometimes that file needs to be created to add the PHP extension values to it. There are disadvantages. Advantages are like if the file is created you can add the PHP extension codes like increasing memory limit, execution time etc which is required by WordPress.
allow_url_fopen = On
allow_url_include = Off
display_errors = Off
enable_dl = Off
file_uploads = On
max_execution_time = 90
max_input_time = 90
max_input_vars = 1000
memory_limit = 512M
post_max_size = 516M
session.gc_maxlifetime = 1440
session.save_path = “/var/cpanel/php/sessions/ea-php72”
upload_max_filesize = 512M
zlib.output_compression = Off
Php Ini Configuration 2 (Infected)
This is and infected configuration file of my hdsqrn site. Error Message was no input file specified. It can be solved according to configuration of Php Ini Configuration 1 (Standard)
allow_url_fopen = On
allow_url_include = Off
display_errors = Off
enable_dl = Off
file_uploads = On
max_execution_time = 30000
max_input_time = 60000
max_input_vars = 50000
memory_limit = 8192M
post_max_size = 8192M
session.gc_maxlifetime = 1440
session.save_path = “/var/cpanel/php/sessions/ea-php72”
upload_max_filesize = 4096M
zlib.output_compression = Off
Php Ini Configuration 3 (XAMP Standard)
Default Value : memory_limit = 128M
Expected value : memory_limit = 256M
max_execution_time = 600
max_input_time = 600
memory_limit = 1024M
post_max_size = 1024M
max_allowed_packet = 1024M
How to Protect php.ini File
Paste the following code into the bottom of the file and then click save . As a result your php.ini file will be protected. This change prevents php hackers from finding exploits on your site.
According to bluehost
<Files php.ini>
Order allow,deny
Deny from all
</Files>
According to inmotionhosting
Find your .htaccess file and edit it with a code editor. Place the following code in your .htaccess.
<filesMatch “.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$”> Order Allow,Deny Deny from all </filesMatch>
Problem1: Script timeout passed, if you want to finish import, please resubmit the same file and import will resume.
Problem1 Solution:
If you are importing your database using Phpmyadmin, then there’s a configuration file for it:
\phpmyadmin\libraries\config.default.php
Open this configuration file in any editor and change $cfg[‘ExecTimeLimit’] = 300; to $cfg[‘ExecTimeLimit’] = 0;
Trackbacks/Pingbacks