Go Daddy PHP5.3 php.ini file – ZendGuard Loader

Home Forums BulletProof Security Pro Go Daddy PHP5.3 php.ini file – ZendGuard Loader

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
  • #11958
    AITpro Admin

    UPDATE:  Now using PHP5.4.x on Go Daddy and no longer using ZendGuard.  The sites have never performed better.  Load speeds went from 2.0 – 3.0 seconds to under 1 second to 1.6 seconds – huge speed improvement.  I have seen speed improvements on other Hosts as well with PHP5.4.x installed so I believe PHP5.4.x just simply runs much faster than previous versions of PHP.

    # Go Daddy PHP5.4.x php/php.ini handler
    AddHandler x-httpd-php5-4 .php


    I previously had a known issue with using PHP5.3.x and FastCGI on Go Daddy where the site would stall, timeout or intermittent 500 Internal Server errors would happen.  I am happy to report that that issue is no longer occurring anymore. And using ZendGuard Loader appears to be working fine as well.

    Root .htaccess file php/php.ini handler for Go Daddy PHP5.3.x

    AddHandler x-httpd-php5-3 .php

    The apc and Zend directives go at the top of the php5.ini file to load ZendGuard Loader (apc needs to be off = 0):

    ;Not using this in my current php5.ini file
    ;but was using it previously with PHP5.2.x and it worked fine
    ;also did not interfere with affiliate plugin and cookie tracking
    ;Marks the cookie as accessible only through the HTTP protocol.
    ;This means that the cookie won't be accessible by scripting languages,
    ;such as JavaScript. This setting can effectively help to reduce identity theft
    ;through XSS attacks (although it is not supported by all browsers).
    ;To use this directive remove the semi-colon below
    ;session.cookie_httponly = 1

    Recommended Security & other settings in your Go Daddy php5.ini file:

    disable_functions = system, exec, shell_exec, passthru, proc_open, proc_close, proc_get_status, proc_terminate, show_source, popen, pclose, pcntl_exec, posix_kill, posix_mkfifo, ftp_connect, ftp_login, ftp_exec
    ;maximum memory limit on GD is 128M
    memory_limit = 128M
    asp_tags = Off
    allow_call_time_pass_reference = Off
    allow_url_fopen = Off
    allow_url_include = Off
    define_syslog_variables = Off
    display_errors = Off
    display_startup_errors = Off
    expose_php = Off
    ignore_repeated_errors = On
    ignore_repeated_source = Off
    implicit_flush = Off
    max_execution_time = 30
    max_input_time = 60
    magic_quotes_gpc = Off
    magic_quotes_runtime = Off
    mysql.allow_persistent = Off
    mysql.trace_mode = Off
    mysql.connect_timeout = 30
    output_buffering = Off
    register_globals = Off
    register_long_arrays = Off
    register_argc_argv = Off
    report_memleaks = On
    safe_mode = Off
    sql.safe_mode = Off
    variables_order = "GPCS"
    Young Master

    Hello AITPro Admin, in the above php.ini file I can see so many disable functions that were not included in BPS pro standard php.ini file. My questions is, can anyone who is not hosting on godaddy use those disable functions above since they help adding more extra security on their websites or do they only work on godaddy?

    AITpro Admin

    You can disable any php functions you want to disable.  php functions are not host specific.

    These php functions are essential / critical to disable…

    disable_functions = system, exec, passthru, shell_exec, show_source, popen, pclose, pcntl_exec

    …any other php functions you disable would be considered non-essential / non-critical.  All of the php functions above in the previous post are safe to disable on any site and do not interfere with WordPress or any plugins or themes that I am aware of.

    Young Master

    Thanks for your quick response and explanations, I really appreciate it.

    AITpro Admin

    Results 2-9-2014:

    Email from an associate who was experiencing many different issues with his Dedicated Server crash/rebooting during PHP processing that required a bit more juice from the Server briefly.

    Solved it…here is the settings that made it work maybe you can add it to the thread in the forum:

    in the post VirtualHosts include:

    <IfModule mod_fcgid.c>
    FcgidIdleScanInterval 1
    FcgidErrorScanInterval 3
    FcgidBusyScanInterval 120
    FcgidBusyTimeout 240
    FcgidProcessLifeTime 10
    FcgidMaxRequestsPerProcess 500
    FcgidMaxProcesses 45
    FcgidConnectTimeout 240
    FcgidIOTimeout 240
    FcgidIdleTimeout 240
    FcgidMaxRequestLen 15728640


Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.