The possibilities with PHP are endless, which makes it the best available server-side software for dynamic websites, including those that run on WordPress. In this post, let us take a look at some the PHP configuration improvements you can do after installing PHP. Not only will these improve security but also maximize the possibilities of PHP. If you have not read my other posts, How to install phpMyAdmin on Ubuntu? and 10 easy phpMyAdmin tweaks to simplify MySQL administration, you may do so in addition to following this post. Without further delay let us start improving your PHP configuration.
If you have not yet installed PHP, it is now time to do so. If you installed a LAMP server, PHP was already included in it. If not, you can follow my other post to install PHP on Ubuntu. Having installed PHP, let us look at how to improve your PHP configuration.
Below improvements are personal preferences. These are the among the first things I do after installing a LAMP server. You may choose to pick some of all. All the PHP configuration improvements require you to edit the /etc/php5/apache2/php.ini file. You may use any text editor to edit it or use the following command:
sudo nano /etc/php5/apache2/php.ini
I recommend that you create a backup before you edit the PHP configuration file. To create a backup, use the following command:
sudo cp -a /etc/php5/apache2/php.ini /etc/php5/apache2/php.ini.bak
1. Improve PHP Security
Open php.ini and find expose_php = On. Change it to the following:
expose_php = Off
This will stop your server from revealing that PHP is installed (by adding its signature to the web server header) on your server along with other information. While it may not be a security threat, it does reveal to potential hackers that the web server uses PHP. The less a hacker knows about your server configuration the better it is.
2. Increase PHP Memory Limit
This sets the maximum amount of memory that a script is allowed to use. White it prevents bugs and poorly written scripts from using up server's memory, if your script actually does require more memory then it might fail to execute due to insufficient memory. If your server as 2 or more GB of RAM memory, then I recommend setting it to 256 MB. Find and edit the following line in your PHP configuration file (php.ini) as shown below:
memory_limit = 256M
128M, which is the default, is also a good option. If you want to make unlimited memory available then use -1memory_limit should be larger than post_max_size and upload_max_filesize discussed below.
3. Increase PHP Maximum Execution Time
This sets the maximum time in seconds a script is allowed to run before it is terminated by the parser. While this helps prevent bugs and poorly written scripts from tying up the server, if your script actually does require long execution times it may fail to execute if the limit is insufficient. The default setting is 30. I recommend setting it to 300 seconds to match Apache's (and IIS's) timeout configurations. Find and edit the following line in your PHP configuration file (php.ini) as shown below:
max_execution_time = 300
4. Increase PHP Post Max Size
This sets the maximum size of POST data allowed as well as file upload. If you have large forms to process you might encounter memory issues. To upload large files, the memory_limit setting (discussed above) should be larger than post_max_size and post_max_size should be greater than upload_max_filesize (discussed below). I recommend setting it at least 32 MB. Find and edit the following line in your PHP configuration file (php.ini) as shown below:
post_max_size = 32M
5. Enable PHP File Uploads
Controls whether or not to allow HTTP file uploads. For WordPress installations, this setting has to be ON allow media upload. If you want file uploads possible on your website, I recommend turning it on. Find and edit the following line in your PHP configuration file (php.ini) as shown below:
file_uploads = On
6. Increase PHP File Upload Size
Sets the maximum size of an uploaded file. If your website depends on heavy media (high resolution images and videos) this setting should be higher. I recommend increasing it to 20 MB at least for a typical WordPress blog or a website. Find and edit the following line in your PHP configuration file (php.ini) as shown below:
upload_max_filesize = 32M
You may specify a higher limit but remember that your post_max_size must be larger than your upload_max_filesize and your memory_limit must be larger than your post_max_size.
7. Enable PHP Log Errors
It is a good idea to log PHP errors to be able to go back in history and trouble shoot problems. Other than displaying, PHP can also log the errors to a specific location. By default log_errors is set to Off. If you do not mind the minor server load increase, I recommend turning it On. Find and edit the following line in your PHP configuration file (php.ini) as shown below:
log_errors = On
Apply PHP Configuration Improvements
Editing the php.ini by itself does not apply the changes. Your Apache server has to be reloaded. Use the following command to apply the above PHP configuration improvements:
sudo service apache2 reload
Go ahead make the PHP configuration improvements and maximize your server's potential.
Anand is a self-learned computer enthusiast, hopeless tinkerer (if it ain't broke, fix it), a part-time blogger, and a Scientist during the day. He has been blogging since 2010 on Linux, Ubuntu, Home/Media/File Servers, Smart Home Automation, and related HOW-TOs.
Deployarr 5 Released!
Automate Homelab Setup with Deployarr. (Launch Sale)
PHP Configuration Improvements
