How to create custom php.ini

Home Forums BulletProof Security Pro How to create custom php.ini

This topic contains 69 replies, has 3 voices, and was last updated by  Innozant technologies 1 year, 11 months ago.

Viewing 15 posts - 31 through 45 (of 70 total)
  • Author
    Posts
  • #3160

    AITpro Admin
    Keymaster

    The important things to remember about php errors are these:

    Only PHP Fatal errors are really important.  The rest of the php error types are insignificant.  You can change the level of php error logging to ONLY log Fatal php errors on the P-Security ini_set Options page (See below).  PHP Errors are considered a normal thing that will happen on any website.  You should really ONLY be concerned about Fatal php errors and php errors that are happening constantly and not intermittently.

    PHP Error Types/Levels/Severity

    Strict – PHP will suggest making changes to the code which will ensure the best interoperability and forward compatibility of the code.
    Notice – Run-time notices. Indicate that the script encountered something that could indicate an error, but could also happen in the normal course of running a script.
    Parse – Compile-time parse errors. Parse errors should only be generated by the parser. Indicates a syntax error in the code.
    Warning – Run-time warnings (non-fatal errors). Execution of the script is not halted.
    Fatal – Fatal run-time errors. These indicate errors that cannot be recovered from, such as a memory allocation problem. Execution of the script is halted.

    To ONLY log Fatal php errors you would change the ini_set Options Error Reporting: setting to:  E_ERROR

    Recommended Setting: E_ALL|E_STRICT
    Description: 
    E_ALL logs all errors and warnings, except level E_STRICT. E_STRICT logs errors related to code that does meet the new stricter PHP coding standards. E_ERROR logs Fatal run-time errors. E_WARNING logs Warning run-time errors. E_PARSE logs Compile-time Parse errors.

    #3162

    Young Master
    Participant

    Thank you very much. One last thing before I go I would like to know how to BAN a user from accessing my site. Thanks

    #3163

    AITpro Admin
    Keymaster

    If the Forum Topic link below does not answer your question then please create a new Forum Post since this question is unrelated to php errors.  Thanks.

    http://forum.ait-pro.com/forums/topic/htaccess-block-ip-address-block-access-to-files-by-ip-address/

    #3164

    Young Master
    Participant

    I saw this message in my plugin “BPS has detected that your Web Host is using Suhosin, but the suhosin.executor.func.blacklist directive was not found in your custom php.ini file. Add the suhosin.executor.func.blacklist directive to your custom php.ini file and comment out the disable_functions directive in your custom php.ini file and then copy the functions shown in the disable_functions directive to your new suhosin.executor.func.blacklist directive that you just added.” Should I ignore this message or? Also while modifying my custom php.ini some of the codes like expose_php, implicit_flush, magic_quotes_gpc, register_long_arrays, register_argc_argv werent found in my php.ini Should I add them manualy?

    #3165

    AITpro Admin
    Keymaster

    You should use the suhosin.executor.func.blacklist directive instead of the disable_functions directive in your custom php.ini file.

    Search for disable_functions in your php.ini file and replace disable_functions with suhosin.executor.func.blacklist like this:

    suhosin.executor.func.blacklist = system, exec, passthru, shell_exec, show_source, popen, pclose, pcntl_exec

    If your custom php.ini file does not contain a particular directive you can add it.  If your web host does not allow a particular directive in a php.ini file your Host will just ignore it.  In some cases a Host will restrict the use of certain directives and if you add a restricted directive in a php.ini file it may cause your website to crash.  Usually the directive will just be ignored.

    #3166

    Young Master
    Participant

    I think my custom php.ini doesnt work as it should be. I replaced replace disable_functions with suhosin.executor.func.blacklist as u told me but the message is till showing up so i decided to test if my custom php.ini works correctly by changing maximum upload file size and maximum post size but nothing changed.

    I checked the Loaded Configuration File file path in the PHP Info Viewer to ensure that it is showing the path to my custom php.ini file and not your Servers default php.ini file and I found out that its still showing the Loaded Configuration File path for my default php.ini file.

    I dont know what went wrong here because I followed every procedure correctly on how to create my custom php.ini. Will you please help me with this?

    I dont know whats wrong here because I followed every procedure on how to create my custom php.ini. Will you please help me with this?

    #3168

    AITpro Admin
    Keymaster

    Does your web host require that you add a php.ini handler in your Root .htaccess file to tell the Server to look at your custom php.ini file and NOT the Server’s php.ini file?

    Every single web host has completely different and unique custom php.ini requirements.  Have you checked with your web host to get those custom php.ini requirements?

    Run the Diagnostic checking tool on the P-Security page.  Is the Loaded Configuration File path the path to your custom php.ini file?

    Example: /home/xxxxx/public_html/php.ini or is it the path to the Default Server php.ini file?

    If your custom php.ini file is seen as the Loaded Configuration file for your website then continue on, otherwise stop here and read the links I posted for you already in the very beginning of this topic on how to contact your web host and send them email questions about how to add a custom php.ini file for your website.

    Are you editing the custom php.ini file in your website root folder?

    Did you have AutoRestore turned Off while you were editing your custom php.ini file?

    #3169

    AITpro Admin
    Keymaster

    You were updating your post at the same time I was posting my reply.  Go back to the very beginning of this Topic and send an email to your web host to ask them what your hosts custom php.ini file requirements are.  Every single web host is completely different so you need to ask them these questions.

    #3170

    AITpro Admin
    Keymaster

    Here is the link you need to click:

    http://forum.ait-pro.com/forums/topic/request-to-have-host-added-to-the-custom-php-ini-web-host-list/

    Copy the custom php.ini questions in the link above and send an email to your web host support to get the answers.  Once you have the answers from your web host post them back here.

    #3173

    Young Master
    Participant

    Thank you very much…I will try to contact them and I will give you my feedback as soon as possible. Thank you.

    #3174

    Young Master
    Participant

    My host isn’t replying my e-mail. Are there any other ways I can do to make my php.ini work? Might the problem be that I choose the wrong Host Server php.ini file type?

    #3178

    AITpro Admin
    Keymaster

    The most common way to get your custom php.ini file to be recognized/seen as the Loaded Configuration File for your website is to add this php/php.ini handler in your root .htaccess file.

    # ADD A PHP HANDLER
    # If you are using a PHP Handler add your web hosts PHP Handler below

    Add your php/php.ini handler below/right after the code above in your Root .htaccess file.  Add you actual website path to the code below.  You will find your website path information on the BPS Pro System Info page.

    # ADD YOUR HOSTS NAME HERE PHPINI HANDLER CODE
    suPHP_ConfigPath /home/xxxxxx/public_html
    
    or
    
    # ADD YOUR HOSTS NAME HERE PHPINI HANDLER CODE
    suPHP_ConfigPath /home/xxxxxx/public_html/php.ini

    You might need to wait up to 15 minutes for your Server to see this new code and your custom php.ini file.  If your custom php/php.ini handler is recognized/seen as the Loaded Configuration File for your website then you can copy and paste this php/php.ini handler code to BPS Pro Custom Code.  Add it to the Top Custom Code text box and save it.

    #3185

    Young Master
    Participant

    Thank you very much. I have added the above php.ini hanlder code to my root .htaccess file as you. I only modified the xxxx on the path I hope am right.

    #3187

    AITpro Admin
    Keymaster

    No, that is probably not correct.  You need to get your actual path from the BPS Pro System Info tab page.  Look for the Document Root Path on the BPS Pro System Info tab page.

    Document Root Path: /this is the path you need to add

    #3188

    Young Master
    Participant

    I have added the path. Lets see if its goin to work.

Viewing 15 posts - 31 through 45 (of 70 total)

You must be logged in to reply to this topic.