Go Daddy PHP5.3 php.ini file – ZendGuard Loader

Home Forums BulletProof Security Pro Go Daddy PHP5.3 php.ini file – ZendGuard Loader

Tagged: , , , , , ,

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • December 11, 2013 at 2:41 pm #11958
    AITpro Admin
    Keymaster

    UPDATE:  Now using PHP5.4.x on Go Daddy and no longer using ZendGuard.  The sites have never performed better.  Load speeds went from 2.0 – 3.0 seconds to under 1 second to 1.6 seconds – huge speed improvement.  I have seen speed improvements on other Hosts as well with PHP5.4.x installed so I believe PHP5.4.x just simply runs much faster than previous versions of PHP.

    # Go Daddy PHP5.4.x php/php.ini handler
AddHandler x-httpd-php5-4 .php

    _______________________________

    I previously had a known issue with using PHP5.3.x and FastCGI on Go Daddy where the site would stall, timeout or intermittent 500 Internal Server errors would happen.  I am happy to report that that issue is no longer occurring anymore. And using ZendGuard Loader appears to be working fine as well.

    Root .htaccess file php/php.ini handler for Go Daddy PHP5.3.x

    # GO DADDY PHP5.3.x PHPINI HANDLER
AddHandler x-httpd-php5-3 .php

    The apc and Zend directives go at the top of the php5.ini file to load ZendGuard Loader (apc needs to be off = 0):

    apc.enabled=0
[Zend]
zend_extension="/usr/local/Zend/lib/Guard-5.5.0/php-5.3.x/ZendGuardLoader.so"

;Not using this in my current php5.ini file
;but was using it previously with PHP5.2.x and it worked fine
;also did not interfere with affiliate plugin and cookie tracking
;
;Marks the cookie as accessible only through the HTTP protocol.
;This means that the cookie won't be accessible by scripting languages,
;such as JavaScript. This setting can effectively help to reduce identity theft
;through XSS attacks (although it is not supported by all browsers).
;
;To use this directive remove the semi-colon below
;session.cookie_httponly = 1

    Recommended Security & other settings in your Go Daddy php5.ini file:

    disable_functions = system, exec, shell_exec, passthru, proc_open, proc_close, proc_get_status, proc_terminate, show_source, popen, pclose, pcntl_exec, posix_kill, posix_mkfifo, ftp_connect, ftp_login, ftp_exec

;maximum memory limit on GD is 128M
memory_limit = 128M

asp_tags = Off
allow_call_time_pass_reference = Off
allow_url_fopen = Off
allow_url_include = Off
define_syslog_variables = Off
display_errors = Off
display_startup_errors = Off
expose_php = Off
ignore_repeated_errors = On
ignore_repeated_source = Off
implicit_flush = Off
max_execution_time = 30
max_input_time = 60
magic_quotes_gpc = Off
magic_quotes_runtime = Off
mysql.allow_persistent = Off
mysql.trace_mode = Off
mysql.connect_timeout = 30
output_buffering = Off
register_globals = Off
register_long_arrays = Off
register_argc_argv = Off
report_memleaks = On
safe_mode = Off
sql.safe_mode = Off
variables_order = "GPCS"
    December 23, 2013 at 1:10 pm #12142
    Young Master
    Participant

    Hello AITPro Admin, in the above php.ini file I can see so many disable functions that were not included in BPS pro standard php.ini file. My questions is, can anyone who is not hosting on godaddy use those disable functions above since they help adding more extra security on their websites or do they only work on godaddy?

    December 23, 2013 at 1:50 pm #12143
    AITpro Admin
    Keymaster

    You can disable any php functions you want to disable.  php functions are not host specific.

    These php functions are essential / critical to disable…

    disable_functions = system, exec, passthru, shell_exec, show_source, popen, pclose, pcntl_exec

    …any other php functions you disable would be considered non-essential / non-critical.  All of the php functions above in the previous post are safe to disable on any site and do not interfere with WordPress or any plugins or themes that I am aware of.

    December 23, 2013 at 1:55 pm #12146
    Young Master
    Participant

    Thanks for your quick response and explanations, I really appreciate it.

    February 9, 2014 at 11:24 am #12965
    AITpro Admin
    Keymaster

    Results 2-9-2014:

    Email from an associate who was experiencing many different issues with his Dedicated Server crash/rebooting during PHP processing that required a bit more juice from the Server briefly.

    Solved it…here is the settings that made it work maybe you can add it to the thread in the forum:

    in the post VirtualHosts include:

    <IfModule mod_fcgid.c>
FcgidIdleScanInterval 1
FcgidErrorScanInterval 3
FcgidBusyScanInterval 120
FcgidBusyTimeout 240
FcgidProcessLifeTime 10
FcgidMaxRequestsPerProcess 500
FcgidMaxProcesses 45
FcgidConnectTimeout 240
FcgidIOTimeout 240
FcgidIdleTimeout 240
FcgidMaxRequestLen 15728640
</IfModule>

    cheers!
    Phil

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.