{"id":342,"date":"2021-07-23T12:28:07","date_gmt":"2021-07-23T12:28:07","guid":{"rendered":"https:\/\/ssdsunucum.com\/blog\/how-to-edit-your-php-ini-file\/"},"modified":"2021-07-23T12:28:07","modified_gmt":"2021-07-23T12:28:07","slug":"how-to-edit-your-php-ini-file","status":"publish","type":"post","link":"https:\/\/ssdsunucum.com\/blog\/how-to-edit-your-php-ini-file\/","title":{"rendered":"How to Edit Your php.ini File"},"content":{"rendered":"<\/p>\n
\n
<\/div>\n
\n

Overview<\/h2>\n

You can update the settings of your server\u2019s php.ini<\/code> file to help secure your server. The method to use depends on your version of EasyApache.<\/p>\n

\n
Warning:<\/div>\n
\n
    \n
  • \n

    You must<\/strong> also use other security measures with these settings. When you use these alone, your server\u2019s security is at risk. Malicious users can bypass most hardening measures.<\/p>\n<\/li>\n

  • \n

    Apache reads all<\/strong> files with the .ini<\/code> file extension. If you have a custom .ini<\/code> file, you must<\/strong> update it manually.<\/p>\n<\/li>\n<\/ul><\/div>\n<\/div>\n

    Editing in EasyApache 3<\/h3>\n

    On systems that run EasyApache 3, the \/usr\/local\/lib\/<\/code> directory contains your server\u2019s php.ini<\/code> file.<\/p>\n

    Editing in EasyApache 4<\/h3>\n
    \n
    Note:<\/div>\n
    \n

    We recommend only<\/strong> editing these files with WHM\u2019s MultiPHP INI Editor<\/em> interface (WHM >> Home >> Software >> MultiPHP INI Editor<\/em>). This ensures that an operable version of PHP exists on the system.<\/p>\n<\/p><\/div>\n<\/div>\n

    On systems that run EasyApache 4, each version of PHP uses a separate php.ini<\/code> file. You must<\/strong> make changes separately to each file. Each file exists in the \/opt\/cpanel\/ea-php72\/root\/etc\/php.ini<\/code> file, where 72<\/code> is the PHP version number.<\/p>\n

    Directives<\/h2>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
    Directive<\/th>\nDescription<\/th>\nRecommended value<\/th>\n<\/tr>\n<\/thead>\n
    safe_mode<\/code><\/td>\nThis directive helps solve many problems that occur with using PHP in a shared hosting environment. It compares the PHP script\u2019s UID with the UIDs of files and directories that it tries to access. If the UIDs don\u2019t match, the system doesn\u2019t allow the script access. <\/p>\n
    \n
    Warning:<\/div>\n
    \n PHP 5.3.0 deprecated this directive and PHP 5.4.0 removed it.\n <\/div>\n<\/div>\n<\/td>\n
    		On<\/code><\/td>\n<\/tr>\n
    disable_functions<\/code><\/td>\nThis directive disables a list of PHP functions. For example, you can disable ones that execute subprocesses.<\/td>\nA comma-separated list of functions to disable.<\/td>\n<\/tr>\n
    register_globals<\/code><\/td>\nThis directive can allow attackers to bypass your settings via the URL. <\/p>\n
    \n
    Warning:<\/div>\n
    \n PHP 5.3.0 deprecated this directive and PHP 5.4.0 removed it.\n <\/div>\n<\/div>\n<\/td>\n
    		Off<\/code><\/td>\n<\/tr>\n
    display_errors<\/code><\/td>\nThis directive allows PHP to print run-time errors to generated HTML pages. When you disable it, PHP can still print errors to the appropriate error logs.<\/td>\nOff<\/code><\/td>\n<\/tr>\n
    allow_url_fopen<\/code><\/td>\nThis directive can allow attackers to open remote files from your server. They do this via file inclusion vulnerabilities.<\/td>\nOff<\/code><\/td>\n<\/tr>\n
    allow_url_include<\/code><\/td>\nThis directive can allow attackers to include remote files from your server. They do this via file inclusion vulnerabilities.<\/td>\nOff<\/code><\/td>\n<\/tr>\n
    file_uploads<\/code><\/td>\nThis directive can allow attackers to move their scripts on to and off of your server.<\/td>\nOff<\/code><\/td>\n<\/tr>\n
    open_basedir<\/code><\/td>\nThis directive limits file operations to a specific directory. Attackers may try to include local files in PHP scripts. This can allow them to access information about your server\u2019s filesystem. <\/p>\n
    \n
    Note:<\/div>\n
    \n
      \n
    • This setting only<\/strong> affects servers that use the mod_php<\/code> Apache module.<\/li>\n
    • If your system runs EasyApache 4, change this directive in the Editor Mode<\/i> section of WHM’s MultiPHP INI Editor<\/i> interface (WHM >> Home >> Software >> MultiPHP INI Editor<\/i>).<\/li>\n<\/ul><\/div>\n<\/div>\n<\/td>\n
    		~\/public_html<\/code><\/td>\n<\/tr>\n
    session.cookie_httponly<\/code><\/td>\nThis directive keeps JavaScript from accessing PHP session cookies. This ensures that attackers can\u2019t steal them.<\/p>\n
    \n
    Important:<\/div>\n
    \n You can\u2019t use this directive if your users use PHP session cookies through JavaScript.\n <\/div>\n<\/div>\n<\/td>\n
    		1<\/code><\/td>\n<\/tr>\n
    session.referer_check<\/code><\/td>\nThis directive allows it to check referrer values. You can specify a domain to make sure that session information stays internal. Then, users won\u2019t be able to expose session information when they\u2019re working on a web application.<\/p>\n
    \n
    Warning:<\/div>\n
    \n Do not<\/strong> rely on this security measure alone. It is trivial to send false referrer information.\n <\/div>\n<\/div>\n
    \n
    Note:<\/div>\n
    \n If your system runs EasyApache 4, change this directive in the Editor Mode<\/em> section of WHM\u2019s MultiPHP INI Editor<\/em> interface (WHM >> Home >> Software >> MultiPHP INI Editor<\/em>).\n <\/div>\n<\/div>\n<\/td>\n
    		On<\/code><\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n","protected":false},"excerpt":{"rendered":"

    Overview You can update the settings of your server\u2019s php.ini file to help secure your server. The method to use depends on your version of EasyApache. Warning: You must also use other security measures with these settings. When you use these alone, your server\u2019s security is at risk. Malicious users can bypass most hardening measures. …<\/p>\n","protected":false},"author":1,"featured_media":343,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/342"}],"collection":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/comments?post=342"}],"version-history":[{"count":0,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/342\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media\/343"}],"wp:attachment":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media?parent=342"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/categories?post=342"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/tags?post=342"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}