search

Home  >  Q&A  >  body text

Set php.ini directives for each site

<p>I have multiple sites running on Apache2 and PHP on Ubuntu Server. I know that PHP has a php.ini file that lets you set the values ​​for <code>upload_max_filesize</code>, <code>max_file_uploads</code> , <code>upload_tmp_dir</code> etc. But this will apply one value to all sites. </p> <p>How do I set directives for each site? For example: I want to set the <code>upload_max_filesize</code> of <code>sitea.com</code> to 50M, and set the <code>upload_max_filesize</ of <code>siteb.com</code> code> is set to 5M. </p> <p>Similarly, I want to set a unique <code>session.name</code> for each site. How can this be achieved? I read that there is something called <code>PHP_INI_USER</code>, <code>PHP_INI_PERDIR</code>, <code>PHP_INI_SYSTEM</code>, <code>PHP_INI_ALL</code> then I how should I do it? </p>
P粉283559033P粉283559033495 days ago597

reply all(2)I'll reply

  • P粉320361201

    P粉3203612012023-08-28 22:34:33

    Explicit comments from Mike 'Pomax' Kamermans explaining how this should be done. However the PHP manual documentation can be a bit off-putting.

    Also some clarifications on other answers:

    • Using PHP parser files (as described in Lajos Arpad) adds some security risks and a bunch of encoding, syntax, and some processing overhead that really aren't needed.

    • .htaccess It is indeed possible to set custom ini directives for certain PHP installations, but if you are using "FastCGI" or "CGI" (and possibly suPHP) ) PHP installation will actually cause your site to crash with a 500 error, so use a local .user.ini file as described here. How do I find my SAPI?

    • Only If you are running PHP as an Apache module (such as mod_php), use .htaccess. How do I find my SAPI?

    PHP suPHP/FastCGI/CGI SAPI

    So, how should your wish be fulfilled?

    1) Find Core PHP.ini details.

    Read the PHP.ini file of the current PHP version.

    At line 180 (for PHP 8.1), it should look like this:

    Make a note of the value, I recommend customizing the value (as shown in this example). This value is the file name of a file that will be located in each unique account on the server that holds the account-specific "local" settings of the global PHP.ini file.

    This file is usually located in the public_html folder, so it should start with . so that it is hidden by default (more on this later). If this file does not exist, the account's core PHP settings will not be changed.

    2) Remember/set file name and create new rule

    So you now know/have set the name of your custom PHP file; now generate the file in your account and then you can set the PHP.ini settings that you want to customize individually for this account.

    For example;

    will contain the following sample information: 

    ;
; Some optional comment text here for human consumption
;
session.cookie_secure=1
session.save_path=/home/sitea.com_account/sessions
session.name=session-sitea
error_log=/home/sitea.com_account/errors/PHP_errors.log
upload_max_filesize=50M

    This information is parsed by PHP and overrides any corresponding value in core PHP.ini, but only for that account.

    3) Customize as needed for each account

    For example, for your siteb.com php user ini file, it would look more like this:

    will contain the following sample information: 

    ;
; Some optional comment text here for human consumption
;
session.cookie_secure=1
session.save_path=/home/siteb.com_account/session_b
session.name=site-b-UniqueSession
error_log=/home/siteb.com_account/errors/PHP_errors.log
upload_max_filesize=5M

    You can then check that these account settings are set correctly by exploring phpinfo() on each account and noting the local and core differences shown.

    4) Test and confirm

    The core user.ini file in the

    /public_html/ path should be all that is needed for every sub-file/folder to be processed on that account (this sometimes depends on your exact LAMP server setup and your PHP handler).

    As I said, once you have the test ini file set up, you should run phpinfo() to check if its values ​​are implemented.

    If you don't want to use phpinfo() then you can easily use [ini_get](https://www.php.net/manual/en/function .ini-get) Dump sensitive data to the error log instead of the browser. 

    <?php
error_log("ini data for this account: ".ini_get('upload_max_filesize'));
exit;

    5) Security

    user.ini files usually start with . characters to hide it in the directory, but that doesn't mean browser agents can't access it, so it's a good idea to add a few lines to your .htaccess to deny access to this file. 

    <Files .account-php81.ini>
    Require all denied
</Files>

    Some final thoughts:

    Core PHP.ini values ​​do change in new versions of PHP, so the best practice is to use different local .ini files for different PHP versions (.account-php80.ini , <代码>.account-php81.ini, etc.). Note that each php.ini core needs to explicitly call its respective local user.ini file, as described in step 1 above.

    The above principles are summarized in the PHP manual, you must pay attention to:

    reply
    0
  • P粉144705065

    P粉1447050652023-08-28 14:10:59

    You can use a per-site (or even per-folder) .htaccess file to set PHP configuration values ​​- at least for most setups: if you look in the configuration directives documentation, for flags PHP_INI_PERDIR or < code>PHP_INI_ALL you can use the php_value or php_flag commands documented in the PHP .htaccess Set these contents in the file="https://www.php.net/manual/en/configuration.changes.php" rel="nofollow noreferrer">"How to change configuration settings"Documentation .

    For example, to set upload_max_filesize in a website, create a .htaccess file in the document root of the website and put the text in it: 

    php_value upload_max_filesize 24M

    Unfortunately, max_file_uploads and upload_tmp_dir are settings tagged PHP_INI_SYSTEM and you cannot change them in the .htaccess file ...

    reply
    0
  • Cancelreply