Installing a custom
contributed by John Pritchard (3 October 2002)
It is sometimes desirable to have the ability to customize your PHP
installation. For example, you might want to turn "register_globals"
off or on, modify the level of error reporting, add "include"
pathways, or other such details. While this ability might not be of
interest to the everyday user, it can provide an individual with
adequate technical knowledge a lot of power and flexibility. However,
utilizing a customized php.ini file also involves RISK. Make sure you
know what you are doing, and be willing to accept the responsibility
that comes with using a modified "php.ini" file.
You will configure your Kootenay Internet Communications Society
web hosting environment to utilize a custom php.ini.
The first thing you need to decide is WHERE you are going to put
your custom php.ini file. I would strongly recommend that you place
this file OUTSIDE of your web directory. While it might be convenient
to place php.ini in your webroot, it is an obvious location and it may
be possible for someone to read your php.ini file and look for
security vulnerabilities. Instead, place your customized php.ini file
outside of your webroot. [You can also avoid exposing your php.ini
file by changing its permissions to 600 (-rw-------) but it is better
to use more than one safeguard!]
For example, let's assume your KICS username is "testbed" and your
webroot directory is "testbed.kics.bc.ca". We will create a directory
named "php_customization" to hold your custom php.ini file. In the
following steps, I'll outline what you'll want to do once you've
established shell access to your account via SSH or Telnet.
- See where you're at.
testbed@kics:~ $ pwd
- Create the directory and add a "default" php.ini file.
testbed@kics:~ $ mkdir php_customization
testbed@kics:~ $ cd php_customization
testbed@kics:~/php_customization $ cp /usr/local/lib/php.ini .
testbed@kics:~/php_customization $ chmod 600 php.ini
testbed@kics:~/php_customization $ ls
testbed@kics:~/php_customization $ pwd
- Create a PHP Information File.
Now, we'll place a file in our webroot that will tell us what
php.ini file is being used. [From now on, I'll just use a "$" to refer
to the shell prompt. Comments will be in square brackets].
We can now visit the "report-php.php" file in our webroot to view our
php configuration settings. This is accomplished by simply opening the
page in any web browser. You'll want to look for the line titled
"Configuration File (php.ini) Path". By default, it should read:
[switch to your webroot directory]
$ cd /home/testbed/testbed.kics.bc.ca
[create the file "report-php.php"]
$ echo >report-php.php '<?php phpinfo(); ?>'
Keep in mind that the information displayed by the "phpinfo();"
command can also provide people with sensitive information about your
setup. So, as with your custom php.ini file, you'll want to take steps
to protect it. I recommend naming the file something cryptic and
deleting it when you are finished.
- Point to your custom php.ini file.
To complete your setup, we simply need to add a .htaccess file
that redefines the PHPRC environment variable. Place this file in your
$ cd /home/testbed/testbed.kics.bc.ca
$ echo >.htaccess 'SetEnv PHPRC /home/testbed/php_customization'
- Visit PHP Info File and Confirm Customization
Visit the PHP Info file you created (i.e. report-php.php),
give it a refresh, and see if the Configuration File (php.ini) Path
has changed. If you've done everything correctly, it should now read:
- Modify your custom php.ini file
You can now modify the php.ini file in your
"php_customization" directory and this file will be used by PHP in
your webspace. Again, you need to know how to customize your php.ini
file, but we're assuming you've got that one covered. Good luck!
For system administrators
The steps above outline what you need to do to use a custom php.ini
on the KICS web server (kics.bc.ca). If you are trying to set up a
similar environment somewhere else, there are a couple of other things
you'll want to know.
First, the KICS webserver uses FreeBSD 4.5 for the operating
system. We're running Apache 1.3.27 with PHP 4.2.3 as a CGI. Apache
runs as the "httpd" user.
If you use PHP as a CGI ("standalone"), you'll need to add
PHPRC to suexec's list of
src/support/suexec.c so that the
environment variable gets passed through to
is done by the Apache suexec env patch at http://tomclegg.net/apache).
After updating suexec.c, recompile suexec and install it:
# make suexec
# install -o root -g httpd -m 4010 suexec /usr/local/sbin/suexec
# ls -l /usr/local/sbin/suexec
---S--x--- 1 root httpd 12088 Oct 2 23:17 /usr/local/sbin/suexec