Better option is to log error to file and check it regularly. display_errors = OffĮrrors logging is good, but you should not display any error to user – it isn’t necessary, it isn’t „prety” and also can reveal your website configuration. You can configure this option and increase or decrease logging level – disable notices, warnings or new PHP versions stricts standards information. I think is good option to log any reports and fix bad scripts, but sometimes „all” is too much. I can’t say what setting will be good for your websites, all depend on your needs. It’s great option if we just want limit our PHP wrappers and disallow to run for example shell commands. disable_functions = exec shell_exec other_functionĭisable functions directive allows us to disable some of buil-in PHP functions. Cookie secure will force script to use secure connections to send cookies – it’s great option, but we must use encryption on our web server. It isn’t secure, because potential attacker can steal ID from URL (or users can just copy such URLs to other people…). Use only cookies will prevent script to use URLs to store session ID. First forces session renegeration and strengthens security – if we don’t use this setting, should always regenerate session ID after each request. These three settings are related to user sessions and cookies handling. Default value is -1 and it isn’t unlimited – that value means it will be the same as max_execution_time. In this case, it’s similar to max_execution_time, but applies only to POST/GET processing, not whole script execution. It’s maximum time to get data from user request – it means, maximum time what PHP can wait for user input: file uploading, send (very) big form, and others. Of course it will display error message to user, but you should always use this setting and also set small values – big execution limit allows potential attackers block your PHP and overload server if there is any slow scripts. Maximum time (in second) for one PHP request – after this time, script will be automatically terminated by PHP engine. Remember, that big upload limit and slow connection will block your processes. All depend of our needs – you should set maximum possible value. We can limit the size of files that users will upload on our forms, AJAX requests etc. These settings are related to files uploading. I think better option is to set low limit (32 MB) and increase this value on demand using ini_set function. It’s limit per process, so if you set 256 MB limit and there will be just 4 high memory usage processes, they may consume 1 GB. So, should we put there very big limit, half of our server memory capacity? No. Also some „standard” scripts may need high memory limit – Invision Power Board community software is good example with minimum 128 MB memory limit for installation. Some of our scripts can consume more memory, good example is images or text processing. It’s memory limit for PHP process and very important setting. Just open this file and find some values: Performance settings memory_limit = 32M We can overwrite some of this file values in wrapper configuration files, but it isn’t topic of this entry. It’s main PHP configuration file with global settings for all deamons that use this PHP version. Nginx optimizations, tips and tricks PHP.ini configuration file Nginx installation and first configuration Of course, fell free to use other settings than proposed on this blog entry. In this chapter we will change only one file, php.ini, which should be located on /etc/php/YOUR_VERSION/fpm/ directory. It’s time to change PHP default settings now – default configuration files from Ubuntu or Debian repositories aren’t bad, but we can make them better for our needs. We already have a configured a Nginx web server and PHP-FPM wrapper.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |