KICS logo
Community Calendar, Community Resources, Weather, Highways, Ferry Schedules

Ferry Schedule Highways Weather Resource Directory Calendar KICS logo
[an error occurred while processing this directive]

Frequently Asked Questions > Questions about web hosting > Customizing php.ini


Installing a custom php.ini file
contributed by John Pritchard (3 October 2002)

Situation

It is sometimes desirable to have the ability to customize your PHP installation. For example, you might want to turn "register_globals" off or on, modify the level of error reporting, add "include" pathways, or other such details. While this ability might not be of interest to the everyday user, it can provide an individual with adequate technical knowledge a lot of power and flexibility. However, utilizing a customized php.ini file also involves RISK. Make sure you know what you are doing, and be willing to accept the responsibility that comes with using a modified "php.ini" file.

Mission

You will configure your Kootenay Internet Communications Society web hosting environment to utilize a custom php.ini.

Execution

The first thing you need to decide is WHERE you are going to put your custom php.ini file. I would strongly recommend that you place this file OUTSIDE of your web directory. While it might be convenient to place php.ini in your webroot, it is an obvious location and it may be possible for someone to read your php.ini file and look for security vulnerabilities. Instead, place your customized php.ini file outside of your webroot. [You can also avoid exposing your php.ini file by changing its permissions to 600 (-rw-------) but it is better to use more than one safeguard!]

For example, let's assume your KICS username is "testbed" and your webroot directory is "testbed.kics.bc.ca". We will create a directory named "php_customization" to hold your custom php.ini file. In the following steps, I'll outline what you'll want to do once you've established shell access to your account via SSH or Telnet.

  1. See where you're at.
    testbed@kics:~ $ pwd
    /home/testbed
  2. Create the directory and add a "default" php.ini file.
    testbed@kics:~ $ mkdir php_customization
    testbed@kics:~ $ cd php_customization
    testbed@kics:~/php_customization $ cp /usr/local/lib/php.ini .
    testbed@kics:~/php_customization $ chmod 600 php.ini
    testbed@kics:~/php_customization $ ls
    php.ini
    testbed@kics:~/php_customization $ pwd
    /home/testbed/php_customization
  3. Create a PHP Information File.

    Now, we'll place a file in our webroot that will tell us what php.ini file is being used. [From now on, I'll just use a "$" to refer to the shell prompt. Comments will be in square brackets].
    [switch to your webroot directory]
    $ cd /home/testbed/testbed.kics.bc.ca
    [create the file "report-php.php"]
    $ echo >report-php.php '<?php phpinfo(); ?>'
    We can now visit the "report-php.php" file in our webroot to view our php configuration settings. This is accomplished by simply opening the page in any web browser. You'll want to look for the line titled "Configuration File (php.ini) Path". By default, it should read:
    /usr/local/lib/php.ini
    Keep in mind that the information displayed by the "phpinfo();" command can also provide people with sensitive information about your setup. So, as with your custom php.ini file, you'll want to take steps to protect it. I recommend naming the file something cryptic and deleting it when you are finished.
     
  4. Point to your custom php.ini file.

    To complete your setup, we simply need to add a .htaccess file that redefines the PHPRC environment variable. Place this file in your webroot.
    $ cd /home/testbed/testbed.kics.bc.ca
    $ echo >.htaccess 'SetEnv PHPRC /home/testbed/php_customization'
  5. Visit PHP Info File and Confirm Customization

    Visit the PHP Info file you created (i.e. report-php.php), give it a refresh, and see if the Configuration File (php.ini) Path has changed. If you've done everything correctly, it should now read:
    /home/testbed/php_customization/php.ini
  6. Modify your custom php.ini file

    You can now modify the php.ini file in your "php_customization" directory and this file will be used by PHP in your webspace. Again, you need to know how to customize your php.ini file, but we're assuming you've got that one covered. Good luck!

For system administrators

The steps above outline what you need to do to use a custom php.ini on the KICS web server (kics.bc.ca). If you are trying to set up a similar environment somewhere else, there are a couple of other things you'll want to know.

First, the KICS webserver uses FreeBSD 4.5 for the operating system. We're running Apache 1.3.27 with PHP 4.2.3 as a CGI. Apache runs as the "httpd" user.

If you use PHP as a CGI ("standalone"), you'll need to add PHPRC to suexec's list of safe_env_vars in src/support/suexec.c so that the PHPRC environment variable gets passed through to php.cgi (this is done by the Apache suexec env patch at http://tomclegg.net/apache). After updating suexec.c, recompile suexec and install it:

# make suexec
# install -o root -g httpd -m 4010 suexec /usr/local/sbin/suexec
# ls -l /usr/local/sbin/suexec
---S--x---  1 root  httpd  12088 Oct  2 23:17 /usr/local/sbin/suexec