Custom php.ini File Setup PHP5.3.x and higher versions of PHP

[AW]

Hi BPS,
Yeh, i do bug them a lot of the custom php.ini :p , … guess they had enough tho…haha. By the way, i did employ one programmer to do some custom searching method which involve in php modification as well. So at the mean time, the ARQ was turn off. Am I doing it right to turn it off? Until when the project and script is completed, then only to turn it on? When I turn it on after the accomplishment of the script, would ARQ quarantine files which had been edited by the programmers? I would just need to Restore it back as usual. right?
Looking forward for your advice.
Thanks.
Regards,
Alex Wong

[Frank]

[Topic has been merged into this relevant Topic]
I must admit, that the php.ini setup is totally blurred to me, and I don’t feel, that BPS is really helping me in setting it up in any automated way.

One thing that really confuses me is this message:

Php.ini Options and File Manager General Check
This is just a very general check designed to make you aware of the php.ini Options page, the File Manager and general info about creating a custom php.ini file. To make this general displayed message go away copy the HTTP Error Log Path: that is displayed on the php.ini Options page to any available empty slot in the File Manager. When you create a new custom php.ini file for your website you will add the folder path to that new custom php.ini file that you create to any available empty slot in the File Manager. Custom php.ini file creation is a one time thing and only one custom php.ini file needs to be created per Hosting account to protect all of your websites under your Hosting account. Optional: You can add your custom php.ini file path in the File Manager for all of your other websites under your Hosting account, but this is completely optional and is not required.Click Here to go to the P-Security PHP.ini Options page.

To my knowledge there is no HTTP Error Log Path displayed on the php.ini Options page. There is a path to a php error log file and a couple of others. I copied that string to the file manager but I have no idea of if that was the right thing to do. Can someone give me a clue?

[AITpro Admin]

BPS can only provide some tools to do some custom php.ini things in an automated way for custom php.ini setup and cannot automatically create a custom php.ini file for every/all web hosts worldwide.  The reason for that is that there are literally 1,000’s of different possible custom php.ini setups for the 350,000+ different web hosts worlwide.  We spent a couple of years trying to automate custom php.ini setup and finally admitted that it just cannot be done.  So start at the beginning of this forum topic to get a general idea of how to proceed to setup a custom php.ini file on your web host.  Basically you need to contact your host to get the specific and unique custom php.ini setup steps and requirements for your specific web host.

[Frank]

Can I turn the php.ini security OFF?

[AITpro Admin]

I don’t understand the question?  BPS sets up ini_set options automatically when you run the Setup Wizard.  The ini_set options that are used are php.ini settings that can be set using ini_set.  There are a limited number of php.ini settings that can be set using ini_set.  So are you saying something is not setup or are you seeing error messages?  If you are not seeing any error messages then you do not need to do anything.

[Frank]

I’m seeing this and I don’t know what do to. I do not see any php.ini files anywhere.

BPS has detected that your Web Host is using Suhosin, but the suhosin.executor.func.blacklist directive was not found in your custom php.ini file. Add the suhosin.executor.func.blacklist directive to your custom php.ini file and comment out the disable_functions directive in your custom php.ini file and then copy the functions shown in the disable_functions directive to your new suhosin.executor.func.blacklist directive that you just added.

 

[AITpro Admin]

Oh ok I understand now.  The P-Security > Php.ini Security Status page does general inpage checks to see what your server is running/what is available/what is in use.  IF, you have a custom php.ini file created/setup then you would be able to change these custom php.ini directive settings and the general checks on this page would show you your setting changes.  Since you are not using a custom php.ini file then you can disregard all of the general checks on the Php.ini Security Status page. Another way of looking at the Php.ini Security Status page checks is that all of these checks are recommended settings and not required settings for anything.

[Frank]

OK, thank you. I disregard the checks. All the rest of the Wizard setup is fine and everything seems to run just fine!

Thank you so much for your fast response.

[AITpro Admin]

Great!  Very welcome.

[Hannah]

I’m revisiting the security settings to increase my knowledge and tune up my clients’ websites. Today I ran into this odd situation on one of them, which is running on PHP 5.6 at Bluehost. There are two php.ini files, the original one from Bluehost in public_html and the BPS Master. Both have been edited to conform to the security recommendations in the Php.ini Security Status tab, yet the red alerts have not cleared. What should I do?

[AITpro Admin]

@ Hannah – Go to P-Security > PHP.ini Options page > Diagnostic Checks|Recommendations > Run Check.  Post this information below.

PHP Version: 5.4.19
PHP|php.ini Handler: A PHP|php.ini Handler was found in your Root .htaccess file.
Loaded Configuration File: /home/xxxxx/html/php.ini

For BlueHost you need to follow their instructions here:  https://my.bluehost.com/cgi/help/128  Turn Off AutoRestore while you are creating/editing/adding your php.ini file, php handlers, making changes in your web host control panel, etc.  After you are done, run the Setup Wizard again.  php/php.ini files and anything related to these things is unique and specific to each web host.  ie there are 350,000+ web hosts worldwide and there are probably at least 1,000+ unique php/php.ini file related things/help/setup/etc. specific and unique to each web host.

[Author]

Posts