We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

A simple and very basic guide to the php.ini file | Forum

dave Leader
dave May 8 '16

First, what is a php.ini file?    The php.ini file is the local configuration file for PHP. It is called on to get the basic local config values for PHP.  PHP  has a default set of configs however if you want to change some of those, you can with a local config file, and that file is called php.ini. 


It usually sits in the public_html and sometimes hosts will provide one for you and some not. Some scripts come with one, and some don't. 


Oxwall does not come with a php.ini file. I suppose they feel that many hosts include a basic php.ini file with hosting and i suppose they also assume that most installs of Oxwall will be in the public_html directory.  


However what if you have Oxwall as a addon domain. Then what do you do? Well servers are pretty smart they know by default that if a php.ini file does not exist in the domain folder to always check the public_html folder by default for one. So pretty much your covered.  


However what if you want different settings for different domains, then what do you do.  Well that is why we are here, i will show you how to create and add a php.ini file to your sub domain or addon domain and have it work for you. Also we will cover some things to put into the php.ini file as well.  


This is not a advanced guide, there are tons of things you can do with a php.ini file but we are going to cover just some basics here.  So we will not be covering CGI or any of that stuff. We will be covering just a basic linux apache cpanel setup. 


First if you need to create a php.ini file it is easy to do. I prefer to create it inside the file manager of cpanel rather than on my desktop but that is just me.  My personal opinion is that files should be created "by and in" the environment they are going to be used. It's a server file so the server should create it, but again that's just me. 


So if you are in file manager you just select create new file and name it php.ini and make it a text file.  Bam you just created your first php.ini file... wasn't that easy :)


Now remember that by default if there is a php.ini file in the domain that is what the system will use for that domain. So now that you have created a php.ini file for your domain or sub domain, understand that this is what the system will use for that particular domain. 


For example:  


in public_html you have a php.ini file

in public_html/myaddon_domain there is another php.ini file


The system will use those exclusively since they exist.  If the one in your addon_domain gets deleted the system will use the one in the public_html.  I believe that the exception to this is using suPHP where you have to tell it where the ini file is that you want to use inside your htaccess file. (We wont be covering suPHP here today)


Now you say wait a minute, i know there is a php ini file but i dont see it in my public_html so where is it.  Some hosts stick their default ini file in a separate dir and then tell php where to find it.  


To find it you will have to look at your phpinfo() and find the section that says "loaded configuration file" and it will show you where the ini file is located.  This is done for many reasons, the first being extra security.  We won't cover phpinfo() here but there are many guides on it out there. 


So now we know where it is and we know where to find it and we have created out own.  So know what to put in it.  Here are some basic items you may want to include. 


Note - some servers and some software may conflict or may not work with some of these settings so you need to do your homework first before adding anything or you may get the dreaded 500 server error. 



First thing about a php.ini file is that if you want to comment something out so it is not used, then you use a semi-colon in front of it like so


; this is a comment

; code that is not used 


All of our code here will be commented out for instructional purpose.


You can set your error control:
;error_reporting = E_ALL & ~E_NOTICE


You can set the default address for other applications:
;zend_extension = "/home/name/public_html/ioncube/ioncube_loader_lin_5.2.so"



In the example above we are telling the system not to use the default ioncube that comes with the server but to use a custom location.  The reason for this is because many hosts don't bother to update their ioncube and so often the versions are way outdated. So you just get the ioncube files from the ioncube site and upload them to a special folder and then just tell the server where to find them. 

 
This value (register_globals) has been deprecated for security reasons and is no longer even available in new versions of PHP, however you still see it around from time to time on older scripts.  


;register_globals = Off



These next ones are fairly self explainatory, however some hosts may limit your ability to use them due to server performance.  For example, set memory limit to 900M and run a large script and see how fast you get a message from your host.  Most of the time 100M is more than enough for most scripts. 


;max_execution_time = 30

;memory_limit = 100M 



You typically want to keep these two below within about 10 percent of each other.  I always just make them the same value. You know in Oxwall settings->content settings for file attachments and it shows you what the server limit is, this is where that number comes from.


;post_max_size = 70M

;upload_max_filesize = 70M 


This can be a security risk to show errors as it diplays some private info as well, so we want to keep this off unless you are testing.  Also Oxwall has dev mode so if you just run Owall you wont need this. 


;display_errors = Off


You definetly want this on all the time

;log_errors = On


Magic quotes is another old deprecated value that has been removed from current PHP versions however you still see it in older scripts and servers versions. 


;magic_quotes_gpc = Off



The next two are important because they both offer benefits and liabilities as well. For example in order for the Oxwall update process to work it needs to use fopen so this should be left on.  However unless it is used along side other security as with many scripts today it can be dangerous as well. And then url_include you always want to have Off. 


;allow_url_fopen = On;

allow_url_include = Off



So those are the basics, this does not cover using suPHP or any of the other variations which have their own command syntax. 


Hope this has helped you. 


Dave :)


The Forum post is edited by dave Aug 19 '16
ross Team
ross May 10 '16
Thanks for the massive post Dave, I hope someone will find it useful
AppXprt
AppXprt Feb 2
Dave is awesome, this should be a sticky?