xref: /php-src/php.ini-production (revision 3de3e137)
1[PHP]
2
3;;;;;;;;;;;;;;;;;;;
4; About php.ini   ;
5;;;;;;;;;;;;;;;;;;;
6; PHP's initialization file, generally called php.ini, is responsible for
7; configuring many of the aspects of PHP's behavior.
8
9; PHP attempts to find and load this configuration from a number of locations.
10; The following is a summary of its search order:
11; 1. SAPI module specific location.
12; 2. The PHPRC environment variable.
13; 3. A number of predefined registry keys on Windows
14; 4. Current working directory (except CLI)
15; 5. The web server's directory (for SAPI modules), or directory of PHP
16; (otherwise in Windows)
17; 6. The directory from the --with-config-file-path compile time option, or the
18; Windows directory (usually C:\windows)
19; See the PHP docs for more specific information.
20; https://php.net/configuration.file
21
22; The syntax of the file is extremely simple.  Whitespace and lines
23; beginning with a semicolon are silently ignored (as you probably guessed).
24; Section headers (e.g. [Foo]) are also silently ignored, even though
25; they might mean something in the future.
26
27; Directives following the section heading [PATH=/www/mysite] only
28; apply to PHP files in the /www/mysite directory.  Directives
29; following the section heading [HOST=www.example.com] only apply to
30; PHP files served from www.example.com.  Directives set in these
31; special sections cannot be overridden by user-defined INI files or
32; at runtime. Currently, [PATH=] and [HOST=] sections only work under
33; CGI/FastCGI.
34; https://php.net/ini.sections
35
36; Directives are specified using the following syntax:
37; directive = value
38; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
39; Directives are variables used to configure PHP or PHP extensions.
40; There is no name validation.  If PHP can't find an expected
41; directive because it is not set or is mistyped, a default value will be used.
42
43; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
44; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
45; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a
46; previously set variable or directive (e.g. ${foo})
47
48; Expressions in the INI file are limited to bitwise operators and parentheses:
49; |  bitwise OR
50; ^  bitwise XOR
51; &  bitwise AND
52; ~  bitwise NOT
53; !  boolean NOT
54
55; Boolean flags can be turned on using the values 1, On, True or Yes.
56; They can be turned off using the values 0, Off, False or No.
57
58; An empty string can be denoted by simply not writing anything after the equal
59; sign, or by using the None keyword:
60
61; foo =         ; sets foo to an empty string
62; foo = None    ; sets foo to an empty string
63; foo = "None"  ; sets foo to the string 'None'
64
65; If you use constants in your value, and these constants belong to a
66; dynamically loaded extension (either a PHP extension or a Zend extension),
67; you may only use these constants *after* the line that loads the extension.
68
69;;;;;;;;;;;;;;;;;;;
70; About this file ;
71;;;;;;;;;;;;;;;;;;;
72; PHP comes packaged with two INI files. One that is recommended to be used
73; in production environments and one that is recommended to be used in
74; development environments.
75
76; php.ini-production contains settings which hold security, performance and
77; best practices at its core. But please be aware, these settings may break
78; compatibility with older or less security-conscious applications. We
79; recommending using the production ini in production and testing environments.
80
81; php.ini-development is very similar to its production variant, except it is
82; much more verbose when it comes to errors. We recommend using the
83; development version only in development environments, as errors shown to
84; application users can inadvertently leak otherwise secure information.
85
86; This is the php.ini-production INI file.
87
88;;;;;;;;;;;;;;;;;;;
89; Quick Reference ;
90;;;;;;;;;;;;;;;;;;;
91
92; The following are all the settings which are different in either the production
93; or development versions of the INIs with respect to PHP's default behavior.
94; Please see the actual settings later in the document for more details as to why
95; we recommend these changes in PHP's behavior.
96
97; display_errors
98;   Default Value: On
99;   Development Value: On
100;   Production Value: Off
101
102; display_startup_errors
103;   Default Value: On
104;   Development Value: On
105;   Production Value: Off
106
107; error_reporting
108;   Default Value: E_ALL
109;   Development Value: E_ALL
110;   Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
111
112; log_errors
113;   Default Value: Off
114;   Development Value: On
115;   Production Value: On
116
117; max_input_time
118;   Default Value: -1 (Unlimited)
119;   Development Value: 60 (60 seconds)
120;   Production Value: 60 (60 seconds)
121
122; output_buffering
123;   Default Value: Off
124;   Development Value: 4096
125;   Production Value: 4096
126
127; register_argc_argv
128;   Default Value: On
129;   Development Value: Off
130;   Production Value: Off
131
132; request_order
133;   Default Value: None
134;   Development Value: "GP"
135;   Production Value: "GP"
136
137; session.gc_divisor
138;   Default Value: 100
139;   Development Value: 1000
140;   Production Value: 1000
141
142; session.sid_bits_per_character
143;   Default Value: 4
144;   Development Value: 5
145;   Production Value: 5
146
147; session.sid_length
148;   Default Value: 32
149;   Development Value: 26
150;   Production Value: 26
151
152; short_open_tag
153;   Default Value: On
154;   Development Value: Off
155;   Production Value: Off
156
157; variables_order
158;   Default Value: "EGPCS"
159;   Development Value: "GPCS"
160;   Production Value: "GPCS"
161
162; zend.assertions
163;   Default Value: 1
164;   Development Value: 1
165;   Production Value: -1
166
167; zend.exception_ignore_args
168;   Default Value: Off
169;   Development Value: Off
170;   Production Value: On
171
172; zend.exception_string_param_max_len
173;   Default Value: 15
174;   Development Value: 15
175;   Production Value: 0
176
177;;;;;;;;;;;;;;;;;;;;
178; php.ini Options  ;
179;;;;;;;;;;;;;;;;;;;;
180; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini"
181;user_ini.filename = ".user.ini"
182
183; To disable this feature set this option to an empty value
184;user_ini.filename =
185
186; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
187;user_ini.cache_ttl = 300
188
189;;;;;;;;;;;;;;;;;;;;
190; Language Options ;
191;;;;;;;;;;;;;;;;;;;;
192
193; Enable the PHP scripting language engine under Apache.
194; https://php.net/engine
195engine = On
196
197; This directive determines whether or not PHP will recognize code between
198; <? and ?> tags as PHP source which should be processed as such. It is
199; generally recommended that <?php and ?> should be used and that this feature
200; should be disabled, as enabling it may result in issues when generating XML
201; documents, however this remains supported for backward compatibility reasons.
202; Note that this directive does not control the <?= shorthand tag, which can be
203; used regardless of this directive.
204; Default Value: On
205; Development Value: Off
206; Production Value: Off
207; https://php.net/short-open-tag
208short_open_tag = Off
209
210; The number of significant digits displayed in floating point numbers.
211; https://php.net/precision
212precision = 14
213
214; Output buffering is a mechanism for controlling how much output data
215; (excluding headers and cookies) PHP should keep internally before pushing that
216; data to the client. If your application's output exceeds this setting, PHP
217; will send that data in chunks of roughly the size you specify.
218; Turning on this setting and managing its maximum buffer size can yield some
219; interesting side-effects depending on your application and web server.
220; You may be able to send headers and cookies after you've already sent output
221; through print or echo. You also may see performance benefits if your server is
222; emitting less packets due to buffered output versus PHP streaming the output
223; as it gets it. On production servers, 4096 bytes is a good setting for performance
224; reasons.
225; Note: Output buffering can also be controlled via Output Buffering Control
226;   functions.
227; Possible Values:
228;   On = Enabled and buffer is unlimited. (Use with caution)
229;   Off = Disabled
230;   Integer = Enables the buffer and sets its maximum size in bytes.
231; Note: This directive is hardcoded to Off for the CLI SAPI
232; Default Value: Off
233; Development Value: 4096
234; Production Value: 4096
235; https://php.net/output-buffering
236output_buffering = 4096
237
238; You can redirect all of the output of your scripts to a function.  For
239; example, if you set output_handler to "mb_output_handler", character
240; encoding will be transparently converted to the specified encoding.
241; Setting any output handler automatically turns on output buffering.
242; Note: People who wrote portable scripts should not depend on this ini
243;   directive. Instead, explicitly set the output handler using ob_start().
244;   Using this ini directive may cause problems unless you know what script
245;   is doing.
246; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
247;   and you cannot use both "ob_gzhandler" and "zlib.output_compression".
248; Note: output_handler must be empty if this is set 'On' !!!!
249;   Instead you must use zlib.output_handler.
250; https://php.net/output-handler
251;output_handler =
252
253; URL rewriter function rewrites URL on the fly by using
254; output buffer. You can set target tags by this configuration.
255; "form" tag is special tag. It will add hidden input tag to pass values.
256; Refer to session.trans_sid_tags for usage.
257; Default Value: "form="
258; Development Value: "form="
259; Production Value: "form="
260;url_rewriter.tags
261
262; URL rewriter will not rewrite absolute URL nor form by default. To enable
263; absolute URL rewrite, allowed hosts must be defined at RUNTIME.
264; Refer to session.trans_sid_hosts for more details.
265; Default Value: ""
266; Development Value: ""
267; Production Value: ""
268;url_rewriter.hosts
269
270; Transparent output compression using the zlib library
271; Valid values for this option are 'off', 'on', or a specific buffer size
272; to be used for compression (default is 4KB)
273; Note: Resulting chunk size may vary due to nature of compression. PHP
274;   outputs chunks that are few hundreds bytes each as a result of
275;   compression. If you prefer a larger chunk size for better
276;   performance, enable output_buffering in addition.
277; Note: You need to use zlib.output_handler instead of the standard
278;   output_handler, or otherwise the output will be corrupted.
279; https://php.net/zlib.output-compression
280zlib.output_compression = Off
281
282; https://php.net/zlib.output-compression-level
283;zlib.output_compression_level = -1
284
285; You cannot specify additional output handlers if zlib.output_compression
286; is activated here. This setting does the same as output_handler but in
287; a different order.
288; https://php.net/zlib.output-handler
289;zlib.output_handler =
290
291; Implicit flush tells PHP to tell the output layer to flush itself
292; automatically after every output block.  This is equivalent to calling the
293; PHP function flush() after each and every call to print() or echo() and each
294; and every HTML block.  Turning this option on has serious performance
295; implications and is generally recommended for debugging purposes only.
296; https://php.net/implicit-flush
297; Note: This directive is hardcoded to On for the CLI SAPI
298implicit_flush = Off
299
300; The unserialize callback function will be called (with the undefined class'
301; name as parameter), if the unserializer finds an undefined class
302; which should be instantiated. A warning appears if the specified function is
303; not defined, or if the function doesn't include/implement the missing class.
304; So only set this entry, if you really want to implement such a
305; callback-function.
306unserialize_callback_func =
307
308; The unserialize_max_depth specifies the default depth limit for unserialized
309; structures. Setting the depth limit too high may result in stack overflows
310; during unserialization. The unserialize_max_depth ini setting can be
311; overridden by the max_depth option on individual unserialize() calls.
312; A value of 0 disables the depth limit.
313;unserialize_max_depth = 4096
314
315; When floats & doubles are serialized, store serialize_precision significant
316; digits after the floating point. The default value ensures that when floats
317; are decoded with unserialize, the data will remain the same.
318; The value is also used for json_encode when encoding double values.
319; If -1 is used, then dtoa mode 0 is used which automatically select the best
320; precision.
321serialize_precision = -1
322
323; open_basedir, if set, limits all file operations to the defined directory
324; and below.  This directive makes most sense if used in a per-directory
325; or per-virtualhost web server configuration file.
326; Note: disables the realpath cache
327; https://php.net/open-basedir
328;open_basedir =
329
330; This directive allows you to disable certain functions.
331; It receives a comma-delimited list of function names.
332; https://php.net/disable-functions
333disable_functions =
334
335; This directive allows you to disable certain classes.
336; It receives a comma-delimited list of class names.
337; https://php.net/disable-classes
338disable_classes =
339
340; Colors for Syntax Highlighting mode.  Anything that's acceptable in
341; <span style="color: ???????"> would work.
342; https://php.net/syntax-highlighting
343;highlight.string  = #DD0000
344;highlight.comment = #FF9900
345;highlight.keyword = #007700
346;highlight.default = #0000BB
347;highlight.html    = #000000
348
349; If enabled, the request will be allowed to complete even if the user aborts
350; the request. Consider enabling it if executing long requests, which may end up
351; being interrupted by the user or a browser timing out. PHP's default behavior
352; is to disable this feature.
353; https://php.net/ignore-user-abort
354;ignore_user_abort = On
355
356; Determines the size of the realpath cache to be used by PHP. This value should
357; be increased on systems where PHP opens many files to reflect the quantity of
358; the file operations performed.
359; Note: if open_basedir is set, the cache is disabled
360; https://php.net/realpath-cache-size
361;realpath_cache_size = 4096k
362
363; Duration of time, in seconds for which to cache realpath information for a given
364; file or directory. For systems with rarely changing files, consider increasing this
365; value.
366; https://php.net/realpath-cache-ttl
367;realpath_cache_ttl = 120
368
369; Enables or disables the circular reference collector.
370; https://php.net/zend.enable-gc
371zend.enable_gc = On
372
373; If enabled, scripts may be written in encodings that are incompatible with
374; the scanner.  CP936, Big5, CP949 and Shift_JIS are the examples of such
375; encodings.  To use this feature, mbstring extension must be enabled.
376;zend.multibyte = Off
377
378; Allows to set the default encoding for the scripts.  This value will be used
379; unless "declare(encoding=...)" directive appears at the top of the script.
380; Only affects if zend.multibyte is set.
381;zend.script_encoding =
382
383; Allows to include or exclude arguments from stack traces generated for exceptions.
384; In production, it is recommended to turn this setting on to prohibit the output
385; of sensitive information in stack traces
386; Default Value: Off
387; Development Value: Off
388; Production Value: On
389zend.exception_ignore_args = On
390
391; Allows setting the maximum string length in an argument of a stringified stack trace
392; to a value between 0 and 1000000.
393; This has no effect when zend.exception_ignore_args is enabled.
394; Default Value: 15
395; Development Value: 15
396; Production Value: 0
397; In production, it is recommended to set this to 0 to reduce the output
398; of sensitive information in stack traces.
399zend.exception_string_param_max_len = 0
400
401;;;;;;;;;;;;;;;;;
402; Miscellaneous ;
403;;;;;;;;;;;;;;;;;
404
405; Decides whether PHP may expose the fact that it is installed on the server
406; (e.g. by adding its signature to the Web server header).  It is no security
407; threat in any way, but it makes it possible to determine whether you use PHP
408; on your server or not.
409; https://php.net/expose-php
410expose_php = On
411
412;;;;;;;;;;;;;;;;;;;
413; Resource Limits ;
414;;;;;;;;;;;;;;;;;;;
415
416; Maximum execution time of each script, in seconds
417; https://php.net/max-execution-time
418; Note: This directive is hardcoded to 0 for the CLI SAPI
419max_execution_time = 30
420
421; Maximum amount of time each script may spend parsing request data. It's a good
422; idea to limit this time on productions servers in order to eliminate unexpectedly
423; long running scripts.
424; Note: This directive is hardcoded to -1 for the CLI SAPI
425; Default Value: -1 (Unlimited)
426; Development Value: 60 (60 seconds)
427; Production Value: 60 (60 seconds)
428; https://php.net/max-input-time
429max_input_time = 60
430
431; Maximum input variable nesting level
432; https://php.net/max-input-nesting-level
433;max_input_nesting_level = 64
434
435; How many GET/POST/COOKIE input variables may be accepted
436;max_input_vars = 1000
437
438; How many multipart body parts (combined input variable and file uploads) may
439; be accepted.
440; Default Value: -1 (Sum of max_input_vars and max_file_uploads)
441;max_multipart_body_parts = 1500
442
443; Maximum amount of memory a script may consume
444; https://php.net/memory-limit
445memory_limit = 128M
446
447;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
448; Error handling and logging ;
449;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
450
451; This directive informs PHP of which errors, warnings and notices you would like
452; it to take action for. The recommended way of setting values for this
453; directive is through the use of the error level constants and bitwise
454; operators. The error level constants are below here for convenience as well as
455; some common settings and their meanings.
456; By default, PHP is set to take action on all errors, notices and warnings EXCEPT
457; those related to E_NOTICE and E_STRICT, which together cover best practices and
458; recommended coding standards in PHP. For performance reasons, this is the
459; recommend error reporting setting. Your production server shouldn't be wasting
460; resources complaining about best practices and coding standards. That's what
461; development servers and development settings are for.
462; Note: The php.ini-development file has this setting as E_ALL. This
463; means it pretty much reports everything which is exactly what you want during
464; development and early testing.
465;
466; Error Level Constants:
467; E_ALL             - All errors and warnings
468; E_ERROR           - fatal run-time errors
469; E_RECOVERABLE_ERROR  - almost fatal run-time errors
470; E_WARNING         - run-time warnings (non-fatal errors)
471; E_PARSE           - compile-time parse errors
472; E_NOTICE          - run-time notices (these are warnings which often result
473;                     from a bug in your code, but it's possible that it was
474;                     intentional (e.g., using an uninitialized variable and
475;                     relying on the fact it is automatically initialized to an
476;                     empty string)
477; E_STRICT          - run-time notices, enable to have PHP suggest changes
478;                     to your code which will ensure the best interoperability
479;                     and forward compatibility of your code
480; E_CORE_ERROR      - fatal errors that occur during PHP's initial startup
481; E_CORE_WARNING    - warnings (non-fatal errors) that occur during PHP's
482;                     initial startup
483; E_COMPILE_ERROR   - fatal compile-time errors
484; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
485; E_USER_ERROR      - user-generated error message
486; E_USER_WARNING    - user-generated warning message
487; E_USER_NOTICE     - user-generated notice message
488; E_DEPRECATED      - warn about code that will not work in future versions
489;                     of PHP
490; E_USER_DEPRECATED - user-generated deprecation warnings
491;
492; Common Values:
493;   E_ALL (Show all errors, warnings and notices including coding standards.)
494;   E_ALL & ~E_NOTICE  (Show all errors, except for notices)
495;   E_ALL & ~E_NOTICE & ~E_STRICT  (Show all errors, except for notices and coding standards warnings.)
496;   E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR  (Show only errors)
497; Default Value: E_ALL
498; Development Value: E_ALL
499; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
500; https://php.net/error-reporting
501error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
502
503; This directive controls whether or not and where PHP will output errors,
504; notices and warnings too. Error output is very useful during development, but
505; it could be very dangerous in production environments. Depending on the code
506; which is triggering the error, sensitive information could potentially leak
507; out of your application such as database usernames and passwords or worse.
508; For production environments, we recommend logging errors rather than
509; sending them to STDOUT.
510; Possible Values:
511;   Off = Do not display any errors
512;   stderr = Display errors to STDERR (affects only CGI/CLI binaries!)
513;   On or stdout = Display errors to STDOUT
514; Default Value: On
515; Development Value: On
516; Production Value: Off
517; https://php.net/display-errors
518display_errors = Off
519
520; The display of errors which occur during PHP's startup sequence are handled
521; separately from display_errors. We strongly recommend you set this to 'off'
522; for production servers to avoid leaking configuration details.
523; Default Value: On
524; Development Value: On
525; Production Value: Off
526; https://php.net/display-startup-errors
527display_startup_errors = Off
528
529; Besides displaying errors, PHP can also log errors to locations such as a
530; server-specific log, STDERR, or a location specified by the error_log
531; directive found below. While errors should not be displayed on productions
532; servers they should still be monitored and logging is a great way to do that.
533; Default Value: Off
534; Development Value: On
535; Production Value: On
536; https://php.net/log-errors
537log_errors = On
538
539; Do not log repeated messages. Repeated errors must occur in same file on same
540; line unless ignore_repeated_source is set true.
541; https://php.net/ignore-repeated-errors
542ignore_repeated_errors = Off
543
544; Ignore source of message when ignoring repeated messages. When this setting
545; is On you will not log errors with repeated messages from different files or
546; source lines.
547; https://php.net/ignore-repeated-source
548ignore_repeated_source = Off
549
550; If this parameter is set to Off, then memory leaks will not be shown (on
551; stdout or in the log). This is only effective in a debug compile, and if
552; error reporting includes E_WARNING in the allowed list
553; https://php.net/report-memleaks
554report_memleaks = On
555
556; This setting is off by default.
557;report_zend_debug = 0
558
559; Turn off normal error reporting and emit XML-RPC error XML
560; https://php.net/xmlrpc-errors
561;xmlrpc_errors = 0
562
563; An XML-RPC faultCode
564;xmlrpc_error_number = 0
565
566; When PHP displays or logs an error, it has the capability of formatting the
567; error message as HTML for easier reading. This directive controls whether
568; the error message is formatted as HTML or not.
569; Note: This directive is hardcoded to Off for the CLI SAPI
570; https://php.net/html-errors
571;html_errors = On
572
573; If html_errors is set to On *and* docref_root is not empty, then PHP
574; produces clickable error messages that direct to a page describing the error
575; or function causing the error in detail.
576; You can download a copy of the PHP manual from https://php.net/docs
577; and change docref_root to the base URL of your local copy including the
578; leading '/'. You must also specify the file extension being used including
579; the dot. PHP's default behavior is to leave these settings empty, in which
580; case no links to documentation are generated.
581; Note: Never use this feature for production boxes.
582; https://php.net/docref-root
583; Examples
584;docref_root = "/phpmanual/"
585
586; https://php.net/docref-ext
587;docref_ext = .html
588
589; String to output before an error message. PHP's default behavior is to leave
590; this setting blank.
591; https://php.net/error-prepend-string
592; Example:
593;error_prepend_string = "<span style='color: #ff0000'>"
594
595; String to output after an error message. PHP's default behavior is to leave
596; this setting blank.
597; https://php.net/error-append-string
598; Example:
599;error_append_string = "</span>"
600
601; Log errors to specified file. PHP's default behavior is to leave this value
602; empty.
603; https://php.net/error-log
604; Example:
605;error_log = php_errors.log
606; Log errors to syslog (Event Log on Windows).
607;error_log = syslog
608
609; The syslog ident is a string which is prepended to every message logged
610; to syslog. Only used when error_log is set to syslog.
611;syslog.ident = php
612
613; The syslog facility is used to specify what type of program is logging
614; the message. Only used when error_log is set to syslog.
615;syslog.facility = user
616
617; Set this to disable filtering control characters (the default).
618; Some loggers only accept NVT-ASCII, others accept anything that's not
619; control characters. If your logger accepts everything, then no filtering
620; is needed at all.
621; Allowed values are:
622;   ascii (all printable ASCII characters and NL)
623;   no-ctrl (all characters except control characters)
624;   all (all characters)
625;   raw (like "all", but messages are not split at newlines)
626; https://php.net/syslog.filter
627;syslog.filter = ascii
628
629;windows.show_crt_warning
630; Default value: 0
631; Development value: 0
632; Production value: 0
633
634;;;;;;;;;;;;;;;;;
635; Data Handling ;
636;;;;;;;;;;;;;;;;;
637
638; The separator used in PHP generated URLs to separate arguments.
639; PHP's default setting is "&".
640; https://php.net/arg-separator.output
641; Example:
642;arg_separator.output = "&amp;"
643
644; List of separator(s) used by PHP to parse input URLs into variables.
645; PHP's default setting is "&".
646; NOTE: Every character in this directive is considered as separator!
647; https://php.net/arg-separator.input
648; Example:
649;arg_separator.input = ";&"
650
651; This directive determines which super global arrays are registered when PHP
652; starts up. G,P,C,E & S are abbreviations for the following respective super
653; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty
654; paid for the registration of these arrays and because ENV is not as commonly
655; used as the others, ENV is not recommended on productions servers. You
656; can still get access to the environment variables through getenv() should you
657; need to.
658; Default Value: "EGPCS"
659; Development Value: "GPCS"
660; Production Value: "GPCS";
661; https://php.net/variables-order
662variables_order = "GPCS"
663
664; This directive determines which super global data (G,P & C) should be
665; registered into the super global array REQUEST. If so, it also determines
666; the order in which that data is registered. The values for this directive
667; are specified in the same manner as the variables_order directive,
668; EXCEPT one. Leaving this value empty will cause PHP to use the value set
669; in the variables_order directive. It does not mean it will leave the super
670; globals array REQUEST empty.
671; Default Value: None
672; Development Value: "GP"
673; Production Value: "GP"
674; https://php.net/request-order
675request_order = "GP"
676
677; This directive determines whether PHP registers $argv & $argc each time it
678; runs. $argv contains an array of all the arguments passed to PHP when a script
679; is invoked. $argc contains an integer representing the number of arguments
680; that were passed when the script was invoked. These arrays are extremely
681; useful when running scripts from the command line. When this directive is
682; enabled, registering these variables consumes CPU cycles and memory each time
683; a script is executed. For performance reasons, this feature should be disabled
684; on production servers.
685; Note: This directive is hardcoded to On for the CLI SAPI
686; Default Value: On
687; Development Value: Off
688; Production Value: Off
689; https://php.net/register-argc-argv
690register_argc_argv = Off
691
692; When enabled, the ENV, REQUEST and SERVER variables are created when they're
693; first used (Just In Time) instead of when the script starts. If these
694; variables are not used within a script, having this directive on will result
695; in a performance gain. The PHP directive register_argc_argv must be disabled
696; for this directive to have any effect.
697; https://php.net/auto-globals-jit
698auto_globals_jit = On
699
700; Whether PHP will read the POST data.
701; This option is enabled by default.
702; Most likely, you won't want to disable this option globally. It causes $_POST
703; and $_FILES to always be empty; the only way you will be able to read the
704; POST data will be through the php://input stream wrapper. This can be useful
705; to proxy requests or to process the POST data in a memory efficient fashion.
706; https://php.net/enable-post-data-reading
707;enable_post_data_reading = Off
708
709; Maximum size of POST data that PHP will accept.
710; Its value may be 0 to disable the limit. It is ignored if POST data reading
711; is disabled through enable_post_data_reading.
712; https://php.net/post-max-size
713post_max_size = 8M
714
715; Automatically add files before PHP document.
716; https://php.net/auto-prepend-file
717auto_prepend_file =
718
719; Automatically add files after PHP document.
720; https://php.net/auto-append-file
721auto_append_file =
722
723; By default, PHP will output a media type using the Content-Type header. To
724; disable this, simply set it to be empty.
725;
726; PHP's built-in default media type is set to text/html.
727; https://php.net/default-mimetype
728default_mimetype = "text/html"
729
730; PHP's default character set is set to UTF-8.
731; https://php.net/default-charset
732default_charset = "UTF-8"
733
734; PHP internal character encoding is set to empty.
735; If empty, default_charset is used.
736; https://php.net/internal-encoding
737;internal_encoding =
738
739; PHP input character encoding is set to empty.
740; If empty, default_charset is used.
741; https://php.net/input-encoding
742;input_encoding =
743
744; PHP output character encoding is set to empty.
745; If empty, default_charset is used.
746; See also output_buffer.
747; https://php.net/output-encoding
748;output_encoding =
749
750;;;;;;;;;;;;;;;;;;;;;;;;;
751; Paths and Directories ;
752;;;;;;;;;;;;;;;;;;;;;;;;;
753
754; UNIX: "/path1:/path2"
755;include_path = ".:/php/includes"
756;
757; Windows: "\path1;\path2"
758;include_path = ".;c:\php\includes"
759;
760; PHP's default setting for include_path is ".;/path/to/php/pear"
761; https://php.net/include-path
762
763; The root of the PHP pages, used only if nonempty.
764; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
765; if you are running php as a CGI under any web server (other than IIS)
766; see documentation for security issues.  The alternate is to use the
767; cgi.force_redirect configuration below
768; https://php.net/doc-root
769doc_root =
770
771; The directory under which PHP opens the script using /~username used only
772; if nonempty.
773; https://php.net/user-dir
774user_dir =
775
776; Directory in which the loadable extensions (modules) reside.
777; https://php.net/extension-dir
778;extension_dir = "./"
779; On windows:
780;extension_dir = "ext"
781
782; Directory where the temporary files should be placed.
783; Defaults to the system default (see sys_get_temp_dir)
784;sys_temp_dir = "/tmp"
785
786; Whether or not to enable the dl() function.  The dl() function does NOT work
787; properly in multithreaded servers, such as IIS or Zeus, and is automatically
788; disabled on them.
789; https://php.net/enable-dl
790enable_dl = Off
791
792; cgi.force_redirect is necessary to provide security running PHP as a CGI under
793; most web servers.  Left undefined, PHP turns this on by default.  You can
794; turn it off here AT YOUR OWN RISK
795; **You CAN safely turn this off for IIS, in fact, you MUST.**
796; https://php.net/cgi.force-redirect
797;cgi.force_redirect = 1
798
799; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
800; every request. PHP's default behavior is to disable this feature.
801;cgi.nph = 1
802
803; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
804; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
805; will look for to know it is OK to continue execution.  Setting this variable MAY
806; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
807; https://php.net/cgi.redirect-status-env
808;cgi.redirect_status_env =
809
810; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
811; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
812; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
813; this to 1 will cause PHP CGI to fix its paths to conform to the spec.  A setting
814; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
815; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
816; https://php.net/cgi.fix-pathinfo
817;cgi.fix_pathinfo=1
818
819; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside
820; of the web tree and people will not be able to circumvent .htaccess security.
821;cgi.discard_path=1
822
823; FastCGI under IIS supports the ability to impersonate
824; security tokens of the calling client.  This allows IIS to define the
825; security context that the request runs under.  mod_fastcgi under Apache
826; does not currently support this feature (03/17/2002)
827; Set to 1 if running under IIS.  Default is zero.
828; https://php.net/fastcgi.impersonate
829;fastcgi.impersonate = 1
830
831; Disable logging through FastCGI connection. PHP's default behavior is to enable
832; this feature.
833;fastcgi.logging = 0
834
835; cgi.rfc2616_headers configuration option tells PHP what type of headers to
836; use when sending HTTP response code. If set to 0, PHP sends Status: header that
837; is supported by Apache. When this option is set to 1, PHP will send
838; RFC2616 compliant header.
839; Default is zero.
840; https://php.net/cgi.rfc2616-headers
841;cgi.rfc2616_headers = 0
842
843; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #!
844; (shebang) at the top of the running script. This line might be needed if the
845; script support running both as stand-alone script and via PHP CGI<. PHP in CGI
846; mode skips this line and ignores its content if this directive is turned on.
847; https://php.net/cgi.check-shebang-line
848;cgi.check_shebang_line=1
849
850;;;;;;;;;;;;;;;;
851; File Uploads ;
852;;;;;;;;;;;;;;;;
853
854; Whether to allow HTTP file uploads.
855; https://php.net/file-uploads
856file_uploads = On
857
858; Temporary directory for HTTP uploaded files (will use system default if not
859; specified).
860; https://php.net/upload-tmp-dir
861;upload_tmp_dir =
862
863; Maximum allowed size for uploaded files.
864; https://php.net/upload-max-filesize
865upload_max_filesize = 2M
866
867; Maximum number of files that can be uploaded via a single request
868max_file_uploads = 20
869
870;;;;;;;;;;;;;;;;;;
871; Fopen wrappers ;
872;;;;;;;;;;;;;;;;;;
873
874; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
875; https://php.net/allow-url-fopen
876allow_url_fopen = On
877
878; Whether to allow include/require to open URLs (like https:// or ftp://) as files.
879; https://php.net/allow-url-include
880allow_url_include = Off
881
882; Define the anonymous ftp password (your email address). PHP's default setting
883; for this is empty.
884; https://php.net/from
885;from="john@doe.com"
886
887; Define the User-Agent string. PHP's default setting for this is empty.
888; https://php.net/user-agent
889;user_agent="PHP"
890
891; Default timeout for socket based streams (seconds)
892; https://php.net/default-socket-timeout
893default_socket_timeout = 60
894
895; If your scripts have to deal with files from Macintosh systems,
896; or you are running on a Mac and need to deal with files from
897; unix or win32 systems, setting this flag will cause PHP to
898; automatically detect the EOL character in those files so that
899; fgets() and file() will work regardless of the source of the file.
900; https://php.net/auto-detect-line-endings
901;auto_detect_line_endings = Off
902
903;;;;;;;;;;;;;;;;;;;;;;
904; Dynamic Extensions ;
905;;;;;;;;;;;;;;;;;;;;;;
906
907; If you wish to have an extension loaded automatically, use the following
908; syntax:
909;
910;   extension=modulename
911;
912; For example:
913;
914;   extension=mysqli
915;
916; When the extension library to load is not located in the default extension
917; directory, You may specify an absolute path to the library file:
918;
919;   extension=/path/to/extension/mysqli.so
920;
921; Note : The syntax used in previous PHP versions ('extension=<ext>.so' and
922; 'extension='php_<ext>.dll') is supported for legacy reasons and may be
923; deprecated in a future PHP major version. So, when it is possible, please
924; move to the new ('extension=<ext>) syntax.
925;
926; Notes for Windows environments :
927;
928; - Many DLL files are located in the ext/
929;   extension folders as well as the separate PECL DLL download.
930;   Be sure to appropriately set the extension_dir directive.
931;
932;extension=bz2
933;extension=curl
934;extension=ffi
935;extension=ftp
936;extension=fileinfo
937;extension=gd
938;extension=gettext
939;extension=gmp
940;extension=intl
941;extension=ldap
942;extension=mbstring
943;extension=exif      ; Must be after mbstring as it depends on it
944;extension=mysqli
945;extension=odbc
946;extension=openssl
947;extension=pdo_firebird
948;extension=pdo_mysql
949;extension=pdo_odbc
950;extension=pdo_pgsql
951;extension=pdo_sqlite
952;extension=pgsql
953;extension=shmop
954
955; The MIBS data available in the PHP distribution must be installed.
956; See https://www.php.net/manual/en/snmp.installation.php
957;extension=snmp
958
959;extension=soap
960;extension=sockets
961;extension=sodium
962;extension=sqlite3
963;extension=tidy
964;extension=xsl
965;extension=zip
966
967;zend_extension=opcache
968
969;;;;;;;;;;;;;;;;;;;
970; Module Settings ;
971;;;;;;;;;;;;;;;;;;;
972
973[CLI Server]
974; Whether the CLI web server uses ANSI color coding in its terminal output.
975cli_server.color = On
976
977[Date]
978; Defines the default timezone used by the date functions
979; https://php.net/date.timezone
980;date.timezone =
981
982; https://php.net/date.default-latitude
983;date.default_latitude = 31.7667
984
985; https://php.net/date.default-longitude
986;date.default_longitude = 35.2333
987
988; https://php.net/date.sunrise-zenith
989;date.sunrise_zenith = 90.833333
990
991; https://php.net/date.sunset-zenith
992;date.sunset_zenith = 90.833333
993
994[filter]
995; https://php.net/filter.default
996;filter.default = unsafe_raw
997
998; https://php.net/filter.default-flags
999;filter.default_flags =
1000
1001[iconv]
1002; Use of this INI entry is deprecated, use global input_encoding instead.
1003; If empty, default_charset or input_encoding or iconv.input_encoding is used.
1004; The precedence is: default_charset < input_encoding < iconv.input_encoding
1005;iconv.input_encoding =
1006
1007; Use of this INI entry is deprecated, use global internal_encoding instead.
1008; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
1009; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
1010;iconv.internal_encoding =
1011
1012; Use of this INI entry is deprecated, use global output_encoding instead.
1013; If empty, default_charset or output_encoding or iconv.output_encoding is used.
1014; The precedence is: default_charset < output_encoding < iconv.output_encoding
1015; To use an output encoding conversion, iconv's output handler must be set
1016; otherwise output encoding conversion cannot be performed.
1017;iconv.output_encoding =
1018
1019[intl]
1020;intl.default_locale =
1021; This directive allows you to produce PHP errors when some error
1022; happens within intl functions. The value is the level of the error produced.
1023; Default is 0, which does not produce any errors.
1024;intl.error_level = E_WARNING
1025;intl.use_exceptions = 0
1026
1027[sqlite3]
1028; Directory pointing to SQLite3 extensions
1029; https://php.net/sqlite3.extension-dir
1030;sqlite3.extension_dir =
1031
1032; SQLite defensive mode flag (only available from SQLite 3.26+)
1033; When the defensive flag is enabled, language features that allow ordinary
1034; SQL to deliberately corrupt the database file are disabled. This forbids
1035; writing directly to the schema, shadow tables (eg. FTS data tables), or
1036; the sqlite_dbpage virtual table.
1037; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html
1038; (for older SQLite versions, this flag has no use)
1039;sqlite3.defensive = 1
1040
1041[Pcre]
1042; PCRE library backtracking limit.
1043; https://php.net/pcre.backtrack-limit
1044;pcre.backtrack_limit=100000
1045
1046; PCRE library recursion limit.
1047; Please note that if you set this value to a high number you may consume all
1048; the available process stack and eventually crash PHP (due to reaching the
1049; stack size limit imposed by the Operating System).
1050; https://php.net/pcre.recursion-limit
1051;pcre.recursion_limit=100000
1052
1053; Enables or disables JIT compilation of patterns. This requires the PCRE
1054; library to be compiled with JIT support.
1055;pcre.jit=1
1056
1057[Pdo]
1058; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off"
1059; https://php.net/pdo-odbc.connection-pooling
1060;pdo_odbc.connection_pooling=strict
1061
1062[Pdo_mysql]
1063; Default socket name for local MySQL connects.  If empty, uses the built-in
1064; MySQL defaults.
1065pdo_mysql.default_socket=
1066
1067[Phar]
1068; https://php.net/phar.readonly
1069;phar.readonly = On
1070
1071; https://php.net/phar.require-hash
1072;phar.require_hash = On
1073
1074;phar.cache_list =
1075
1076[mail function]
1077; For Win32 only.
1078; https://php.net/smtp
1079SMTP = localhost
1080; https://php.net/smtp-port
1081smtp_port = 25
1082
1083; For Win32 only.
1084; https://php.net/sendmail-from
1085;sendmail_from = me@example.com
1086
1087; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
1088; https://php.net/sendmail-path
1089;sendmail_path =
1090
1091; Force the addition of the specified parameters to be passed as extra parameters
1092; to the sendmail binary. These parameters will always replace the value of
1093; the 5th parameter to mail().
1094;mail.force_extra_parameters =
1095
1096; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename
1097mail.add_x_header = Off
1098
1099; Use mixed LF and CRLF line separators to keep compatibility with some
1100; RFC 2822 non conformant MTA.
1101mail.mixed_lf_and_crlf = Off
1102
1103; The path to a log file that will log all mail() calls. Log entries include
1104; the full path of the script, line number, To address and headers.
1105;mail.log =
1106; Log mail to syslog (Event Log on Windows).
1107;mail.log = syslog
1108
1109[ODBC]
1110; https://php.net/odbc.default-db
1111;odbc.default_db    =  Not yet implemented
1112
1113; https://php.net/odbc.default-user
1114;odbc.default_user  =  Not yet implemented
1115
1116; https://php.net/odbc.default-pw
1117;odbc.default_pw    =  Not yet implemented
1118
1119; Controls the ODBC cursor model.
1120; Default: SQL_CURSOR_STATIC (default).
1121;odbc.default_cursortype
1122
1123; Allow or prevent persistent links.
1124; https://php.net/odbc.allow-persistent
1125odbc.allow_persistent = On
1126
1127; Check that a connection is still valid before reuse.
1128; https://php.net/odbc.check-persistent
1129odbc.check_persistent = On
1130
1131; Maximum number of persistent links.  -1 means no limit.
1132; https://php.net/odbc.max-persistent
1133odbc.max_persistent = -1
1134
1135; Maximum number of links (persistent + non-persistent).  -1 means no limit.
1136; https://php.net/odbc.max-links
1137odbc.max_links = -1
1138
1139; Handling of LONG fields.  Returns number of bytes to variables.  0 means
1140; passthru.
1141; https://php.net/odbc.defaultlrl
1142odbc.defaultlrl = 4096
1143
1144; Handling of binary data.  0 means passthru, 1 return as is, 2 convert to char.
1145; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
1146; of odbc.defaultlrl and odbc.defaultbinmode
1147; https://php.net/odbc.defaultbinmode
1148odbc.defaultbinmode = 1
1149
1150[MySQLi]
1151
1152; Maximum number of persistent links.  -1 means no limit.
1153; https://php.net/mysqli.max-persistent
1154mysqli.max_persistent = -1
1155
1156; Allow accessing, from PHP's perspective, local files with LOAD DATA statements
1157; https://php.net/mysqli.allow_local_infile
1158;mysqli.allow_local_infile = On
1159
1160; It allows the user to specify a folder where files that can be sent via LOAD DATA
1161; LOCAL can exist. It is ignored if mysqli.allow_local_infile is enabled.
1162;mysqli.local_infile_directory =
1163
1164; Allow or prevent persistent links.
1165; https://php.net/mysqli.allow-persistent
1166mysqli.allow_persistent = On
1167
1168; Maximum number of links.  -1 means no limit.
1169; https://php.net/mysqli.max-links
1170mysqli.max_links = -1
1171
1172; Default port number for mysqli_connect().  If unset, mysqli_connect() will use
1173; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
1174; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
1175; at MYSQL_PORT.
1176; https://php.net/mysqli.default-port
1177mysqli.default_port = 3306
1178
1179; Default socket name for local MySQL connects.  If empty, uses the built-in
1180; MySQL defaults.
1181; https://php.net/mysqli.default-socket
1182mysqli.default_socket =
1183
1184; Default host for mysqli_connect() (doesn't apply in safe mode).
1185; https://php.net/mysqli.default-host
1186mysqli.default_host =
1187
1188; Default user for mysqli_connect() (doesn't apply in safe mode).
1189; https://php.net/mysqli.default-user
1190mysqli.default_user =
1191
1192; Default password for mysqli_connect() (doesn't apply in safe mode).
1193; Note that this is generally a *bad* idea to store passwords in this file.
1194; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
1195; and reveal this password!  And of course, any users with read access to this
1196; file will be able to reveal the password as well.
1197; https://php.net/mysqli.default-pw
1198mysqli.default_pw =
1199
1200; If this option is enabled, closing a persistent connection will rollback
1201; any pending transactions of this connection, before it is put back
1202; into the persistent connection pool.
1203;mysqli.rollback_on_cached_plink = Off
1204
1205[mysqlnd]
1206; Enable / Disable collection of general statistics by mysqlnd which can be
1207; used to tune and monitor MySQL operations.
1208mysqlnd.collect_statistics = On
1209
1210; Enable / Disable collection of memory usage statistics by mysqlnd which can be
1211; used to tune and monitor MySQL operations.
1212mysqlnd.collect_memory_statistics = Off
1213
1214; Records communication from all extensions using mysqlnd to the specified log
1215; file.
1216; https://php.net/mysqlnd.debug
1217;mysqlnd.debug =
1218
1219; Defines which queries will be logged.
1220;mysqlnd.log_mask = 0
1221
1222; Default size of the mysqlnd memory pool, which is used by result sets.
1223;mysqlnd.mempool_default_size = 16000
1224
1225; Size of a pre-allocated buffer used when sending commands to MySQL in bytes.
1226;mysqlnd.net_cmd_buffer_size = 2048
1227
1228; Size of a pre-allocated buffer used for reading data sent by the server in
1229; bytes.
1230;mysqlnd.net_read_buffer_size = 32768
1231
1232; Timeout for network requests in seconds.
1233;mysqlnd.net_read_timeout = 31536000
1234
1235; SHA-256 Authentication Plugin related. File with the MySQL server public RSA
1236; key.
1237;mysqlnd.sha256_server_public_key =
1238
1239[PostgreSQL]
1240; Allow or prevent persistent links.
1241; https://php.net/pgsql.allow-persistent
1242pgsql.allow_persistent = On
1243
1244; Detect broken persistent links always with pg_pconnect().
1245; Auto reset feature requires a little overheads.
1246; https://php.net/pgsql.auto-reset-persistent
1247pgsql.auto_reset_persistent = Off
1248
1249; Maximum number of persistent links.  -1 means no limit.
1250; https://php.net/pgsql.max-persistent
1251pgsql.max_persistent = -1
1252
1253; Maximum number of links (persistent+non persistent).  -1 means no limit.
1254; https://php.net/pgsql.max-links
1255pgsql.max_links = -1
1256
1257; Ignore PostgreSQL backends Notice message or not.
1258; Notice message logging require a little overheads.
1259; https://php.net/pgsql.ignore-notice
1260pgsql.ignore_notice = 0
1261
1262; Log PostgreSQL backends Notice message or not.
1263; Unless pgsql.ignore_notice=0, module cannot log notice message.
1264; https://php.net/pgsql.log-notice
1265pgsql.log_notice = 0
1266
1267[bcmath]
1268; Number of decimal digits for all bcmath functions.
1269; https://php.net/bcmath.scale
1270bcmath.scale = 0
1271
1272[browscap]
1273; https://php.net/browscap
1274;browscap = extra/browscap.ini
1275
1276[Session]
1277; Handler used to store/retrieve data.
1278; https://php.net/session.save-handler
1279session.save_handler = files
1280
1281; Argument passed to save_handler.  In the case of files, this is the path
1282; where data files are stored. Note: Windows users have to change this
1283; variable in order to use PHP's session functions.
1284;
1285; The path can be defined as:
1286;
1287;     session.save_path = "N;/path"
1288;
1289; where N is an integer.  Instead of storing all the session files in
1290; /path, what this will do is use subdirectories N-levels deep, and
1291; store the session data in those directories.  This is useful if
1292; your OS has problems with many files in one directory, and is
1293; a more efficient layout for servers that handle many sessions.
1294;
1295; NOTE 1: PHP will not create this directory structure automatically.
1296;         You can use the script in the ext/session dir for that purpose.
1297; NOTE 2: See the section on garbage collection below if you choose to
1298;         use subdirectories for session storage
1299;
1300; The file storage module creates files using mode 600 by default.
1301; You can change that by using
1302;
1303;     session.save_path = "N;MODE;/path"
1304;
1305; where MODE is the octal representation of the mode. Note that this
1306; does not overwrite the process's umask.
1307; https://php.net/session.save-path
1308;session.save_path = "/tmp"
1309
1310; Whether to use strict session mode.
1311; Strict session mode does not accept an uninitialized session ID, and
1312; regenerates the session ID if the browser sends an uninitialized session ID.
1313; Strict mode protects applications from session fixation via a session adoption
1314; vulnerability. It is disabled by default for maximum compatibility, but
1315; enabling it is encouraged.
1316; https://wiki.php.net/rfc/strict_sessions
1317session.use_strict_mode = 0
1318
1319; Whether to use cookies.
1320; https://php.net/session.use-cookies
1321session.use_cookies = 1
1322
1323; https://php.net/session.cookie-secure
1324;session.cookie_secure =
1325
1326; This option forces PHP to fetch and use a cookie for storing and maintaining
1327; the session id. We encourage this operation as it's very helpful in combating
1328; session hijacking when not specifying and managing your own session id. It is
1329; not the be-all and end-all of session hijacking defense, but it's a good start.
1330; https://php.net/session.use-only-cookies
1331session.use_only_cookies = 1
1332
1333; Name of the session (used as cookie name).
1334; https://php.net/session.name
1335session.name = PHPSESSID
1336
1337; Initialize session on request startup.
1338; https://php.net/session.auto-start
1339session.auto_start = 0
1340
1341; Lifetime in seconds of cookie or, if 0, until browser is restarted.
1342; https://php.net/session.cookie-lifetime
1343session.cookie_lifetime = 0
1344
1345; The path for which the cookie is valid.
1346; https://php.net/session.cookie-path
1347session.cookie_path = /
1348
1349; The domain for which the cookie is valid.
1350; https://php.net/session.cookie-domain
1351session.cookie_domain =
1352
1353; Whether or not to add the httpOnly flag to the cookie, which makes it
1354; inaccessible to browser scripting languages such as JavaScript.
1355; https://php.net/session.cookie-httponly
1356session.cookie_httponly =
1357
1358; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF)
1359; Current valid values are "Strict", "Lax" or "None". When using "None",
1360; make sure to include the quotes, as `none` is interpreted like `false` in ini files.
1361; https://tools.ietf.org/html/draft-west-first-party-cookies-07
1362session.cookie_samesite =
1363
1364; Handler used to serialize data. php is the standard serializer of PHP.
1365; https://php.net/session.serialize-handler
1366session.serialize_handler = php
1367
1368; Defines the probability that the 'garbage collection' process is started on every
1369; session initialization. The probability is calculated by using gc_probability/gc_divisor,
1370; e.g. 1/100 means there is a 1% chance that the GC process starts on each request.
1371; Default Value: 1
1372; Development Value: 1
1373; Production Value: 1
1374; https://php.net/session.gc-probability
1375session.gc_probability = 1
1376
1377; Defines the probability that the 'garbage collection' process is started on every
1378; session initialization. The probability is calculated by using gc_probability/gc_divisor,
1379; e.g. 1/100 means there is a 1% chance that the GC process starts on each request.
1380; For high volume production servers, using a value of 1000 is a more efficient approach.
1381; Default Value: 100
1382; Development Value: 1000
1383; Production Value: 1000
1384; https://php.net/session.gc-divisor
1385session.gc_divisor = 1000
1386
1387; After this number of seconds, stored data will be seen as 'garbage' and
1388; cleaned up by the garbage collection process.
1389; https://php.net/session.gc-maxlifetime
1390session.gc_maxlifetime = 1440
1391
1392; NOTE: If you are using the subdirectory option for storing session files
1393;       (see session.save_path above), then garbage collection does *not*
1394;       happen automatically.  You will need to do your own garbage
1395;       collection through a shell script, cron entry, or some other method.
1396;       For example, the following script is the equivalent of setting
1397;       session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
1398;          find /path/to/sessions -cmin +24 -type f | xargs rm
1399
1400; Check HTTP Referer to invalidate externally stored URLs containing ids.
1401; HTTP_REFERER has to contain this substring for the session to be
1402; considered as valid.
1403; https://php.net/session.referer-check
1404session.referer_check =
1405
1406; Set to {nocache,private,public,} to determine HTTP caching aspects
1407; or leave this empty to avoid sending anti-caching headers.
1408; https://php.net/session.cache-limiter
1409session.cache_limiter = nocache
1410
1411; Document expires after n minutes.
1412; https://php.net/session.cache-expire
1413session.cache_expire = 180
1414
1415; trans sid support is disabled by default.
1416; Use of trans sid may risk your users' security.
1417; Use this option with caution.
1418; - User may send URL contains active session ID
1419;   to other person via. email/irc/etc.
1420; - URL that contains active session ID may be stored
1421;   in publicly accessible computer.
1422; - User may access your site with the same session ID
1423;   always using URL stored in browser's history or bookmarks.
1424; https://php.net/session.use-trans-sid
1425session.use_trans_sid = 0
1426
1427; Set session ID character length. This value could be between 22 to 256.
1428; Shorter length than default is supported only for compatibility reason.
1429; Users should use 32 or more chars.
1430; https://php.net/session.sid-length
1431; Default Value: 32
1432; Development Value: 26
1433; Production Value: 26
1434session.sid_length = 26
1435
1436; The URL rewriter will look for URLs in a defined set of HTML tags.
1437; <form> is special; if you include them here, the rewriter will
1438; add a hidden <input> field with the info which is otherwise appended
1439; to URLs. <form> tag's action attribute URL will not be modified
1440; unless it is specified.
1441; Note that all valid entries require a "=", even if no value follows.
1442; Default Value: "a=href,area=href,frame=src,form="
1443; Development Value: "a=href,area=href,frame=src,form="
1444; Production Value: "a=href,area=href,frame=src,form="
1445; https://php.net/url-rewriter.tags
1446session.trans_sid_tags = "a=href,area=href,frame=src,form="
1447
1448; URL rewriter does not rewrite absolute URLs by default.
1449; To enable rewrites for absolute paths, target hosts must be specified
1450; at RUNTIME. i.e. use ini_set()
1451; <form> tags is special. PHP will check action attribute's URL regardless
1452; of session.trans_sid_tags setting.
1453; If no host is defined, HTTP_HOST will be used for allowed host.
1454; Example value: php.net,www.php.net,wiki.php.net
1455; Use "," for multiple hosts. No spaces are allowed.
1456; Default Value: ""
1457; Development Value: ""
1458; Production Value: ""
1459;session.trans_sid_hosts=""
1460
1461; Define how many bits are stored in each character when converting
1462; the binary hash data to something readable.
1463; Possible values:
1464;   4  (4 bits: 0-9, a-f)
1465;   5  (5 bits: 0-9, a-v)
1466;   6  (6 bits: 0-9, a-z, A-Z, "-", ",")
1467; Default Value: 4
1468; Development Value: 5
1469; Production Value: 5
1470; https://php.net/session.hash-bits-per-character
1471session.sid_bits_per_character = 5
1472
1473; Enable upload progress tracking in $_SESSION
1474; Default Value: On
1475; Development Value: On
1476; Production Value: On
1477; https://php.net/session.upload-progress.enabled
1478;session.upload_progress.enabled = On
1479
1480; Cleanup the progress information as soon as all POST data has been read
1481; (i.e. upload completed).
1482; Default Value: On
1483; Development Value: On
1484; Production Value: On
1485; https://php.net/session.upload-progress.cleanup
1486;session.upload_progress.cleanup = On
1487
1488; A prefix used for the upload progress key in $_SESSION
1489; Default Value: "upload_progress_"
1490; Development Value: "upload_progress_"
1491; Production Value: "upload_progress_"
1492; https://php.net/session.upload-progress.prefix
1493;session.upload_progress.prefix = "upload_progress_"
1494
1495; The index name (concatenated with the prefix) in $_SESSION
1496; containing the upload progress information
1497; Default Value: "PHP_SESSION_UPLOAD_PROGRESS"
1498; Development Value: "PHP_SESSION_UPLOAD_PROGRESS"
1499; Production Value: "PHP_SESSION_UPLOAD_PROGRESS"
1500; https://php.net/session.upload-progress.name
1501;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"
1502
1503; How frequently the upload progress should be updated.
1504; Given either in percentages (per-file), or in bytes
1505; Default Value: "1%"
1506; Development Value: "1%"
1507; Production Value: "1%"
1508; https://php.net/session.upload-progress.freq
1509;session.upload_progress.freq =  "1%"
1510
1511; The minimum delay between updates, in seconds
1512; Default Value: 1
1513; Development Value: 1
1514; Production Value: 1
1515; https://php.net/session.upload-progress.min-freq
1516;session.upload_progress.min_freq = "1"
1517
1518; Only write session data when session data is changed. Enabled by default.
1519; https://php.net/session.lazy-write
1520;session.lazy_write = On
1521
1522[Assertion]
1523; Switch whether to compile assertions at all (to have no overhead at run-time)
1524; -1: Do not compile at all
1525;  0: Jump over assertion at run-time
1526;  1: Execute assertions
1527; Changing from or to a negative value is only possible in php.ini!
1528; (For turning assertions on and off at run-time, toggle zend.assertions between the values 1 and 0)
1529; Default Value: 1
1530; Development Value: 1
1531; Production Value: -1
1532; https://php.net/zend.assertions
1533zend.assertions = -1
1534
1535[COM]
1536; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
1537; https://php.net/com.typelib-file
1538;com.typelib_file =
1539
1540; allow Distributed-COM calls
1541; https://php.net/com.allow-dcom
1542;com.allow_dcom = true
1543
1544; autoregister constants of a component's typelib on com_load()
1545; https://php.net/com.autoregister-typelib
1546;com.autoregister_typelib = true
1547
1548; register constants casesensitive
1549; https://php.net/com.autoregister-casesensitive
1550;com.autoregister_casesensitive = false
1551
1552; show warnings on duplicate constant registrations
1553; https://php.net/com.autoregister-verbose
1554;com.autoregister_verbose = true
1555
1556; The default character set code-page to use when passing strings to and from COM objects.
1557; Default: system ANSI code page
1558;com.code_page=
1559
1560; The version of the .NET framework to use. The value of the setting are the first three parts
1561; of the framework's version number, separated by dots, and prefixed with "v", e.g. "v4.0.30319".
1562;com.dotnet_version=
1563
1564[mbstring]
1565; language for internal character representation.
1566; This affects mb_send_mail() and mbstring.detect_order.
1567; https://php.net/mbstring.language
1568;mbstring.language = Japanese
1569
1570; Use of this INI entry is deprecated, use global internal_encoding instead.
1571; internal/script encoding.
1572; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*)
1573; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
1574; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
1575;mbstring.internal_encoding =
1576
1577; Use of this INI entry is deprecated, use global input_encoding instead.
1578; http input encoding.
1579; mbstring.encoding_translation = On is needed to use this setting.
1580; If empty, default_charset or input_encoding or mbstring.input is used.
1581; The precedence is: default_charset < input_encoding < mbstring.http_input
1582; https://php.net/mbstring.http-input
1583;mbstring.http_input =
1584
1585; Use of this INI entry is deprecated, use global output_encoding instead.
1586; http output encoding.
1587; mb_output_handler must be registered as output buffer to function.
1588; If empty, default_charset or output_encoding or mbstring.http_output is used.
1589; The precedence is: default_charset < output_encoding < mbstring.http_output
1590; To use an output encoding conversion, mbstring's output handler must be set
1591; otherwise output encoding conversion cannot be performed.
1592; https://php.net/mbstring.http-output
1593;mbstring.http_output =
1594
1595; enable automatic encoding translation according to
1596; mbstring.internal_encoding setting. Input chars are
1597; converted to internal encoding by setting this to On.
1598; Note: Do _not_ use automatic encoding translation for
1599;       portable libs/applications.
1600; https://php.net/mbstring.encoding-translation
1601;mbstring.encoding_translation = Off
1602
1603; automatic encoding detection order.
1604; "auto" detect order is changed according to mbstring.language
1605; https://php.net/mbstring.detect-order
1606;mbstring.detect_order = auto
1607
1608; substitute_character used when character cannot be converted
1609; one from another
1610; https://php.net/mbstring.substitute-character
1611;mbstring.substitute_character = none
1612
1613; Enable strict encoding detection.
1614;mbstring.strict_detection = Off
1615
1616; This directive specifies the regex pattern of content types for which mb_output_handler()
1617; is activated.
1618; Default: mbstring.http_output_conv_mimetypes=^(text/|application/xhtml\+xml)
1619;mbstring.http_output_conv_mimetypes=
1620
1621; This directive specifies maximum stack depth for mbstring regular expressions. It is similar
1622; to the pcre.recursion_limit for PCRE.
1623;mbstring.regex_stack_limit=100000
1624
1625; This directive specifies maximum retry count for mbstring regular expressions. It is similar
1626; to the pcre.backtrack_limit for PCRE.
1627;mbstring.regex_retry_limit=1000000
1628
1629[gd]
1630; Tell the jpeg decode to ignore warnings and try to create
1631; a gd image. The warning will then be displayed as notices
1632; disabled by default
1633; https://php.net/gd.jpeg-ignore-warning
1634;gd.jpeg_ignore_warning = 1
1635
1636[exif]
1637; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
1638; With mbstring support this will automatically be converted into the encoding
1639; given by corresponding encode setting. When empty mbstring.internal_encoding
1640; is used. For the decode settings you can distinguish between motorola and
1641; intel byte order. A decode setting cannot be empty.
1642; https://php.net/exif.encode-unicode
1643;exif.encode_unicode = ISO-8859-15
1644
1645; https://php.net/exif.decode-unicode-motorola
1646;exif.decode_unicode_motorola = UCS-2BE
1647
1648; https://php.net/exif.decode-unicode-intel
1649;exif.decode_unicode_intel    = UCS-2LE
1650
1651; https://php.net/exif.encode-jis
1652;exif.encode_jis =
1653
1654; https://php.net/exif.decode-jis-motorola
1655;exif.decode_jis_motorola = JIS
1656
1657; https://php.net/exif.decode-jis-intel
1658;exif.decode_jis_intel    = JIS
1659
1660[Tidy]
1661; The path to a default tidy configuration file to use when using tidy
1662; https://php.net/tidy.default-config
1663;tidy.default_config = /usr/local/lib/php/default.tcfg
1664
1665; Should tidy clean and repair output automatically?
1666; WARNING: Do not use this option if you are generating non-html content
1667; such as dynamic images
1668; https://php.net/tidy.clean-output
1669tidy.clean_output = Off
1670
1671[soap]
1672; Enables or disables WSDL caching feature.
1673; https://php.net/soap.wsdl-cache-enabled
1674soap.wsdl_cache_enabled=1
1675
1676; Sets the directory name where SOAP extension will put cache files.
1677; https://php.net/soap.wsdl-cache-dir
1678soap.wsdl_cache_dir="/tmp"
1679
1680; (time to live) Sets the number of second while cached file will be used
1681; instead of original one.
1682; https://php.net/soap.wsdl-cache-ttl
1683soap.wsdl_cache_ttl=86400
1684
1685; Sets the size of the cache limit. (Max. number of WSDL files to cache)
1686soap.wsdl_cache_limit = 5
1687
1688[sysvshm]
1689; A default size of the shared memory segment
1690;sysvshm.init_mem = 10000
1691
1692[ldap]
1693; Sets the maximum number of open links or -1 for unlimited.
1694ldap.max_links = -1
1695
1696[dba]
1697;dba.default_handler=
1698
1699[opcache]
1700; Determines if Zend OPCache is enabled
1701;opcache.enable=1
1702
1703; Determines if Zend OPCache is enabled for the CLI version of PHP
1704;opcache.enable_cli=0
1705
1706; The OPcache shared memory storage size.
1707;opcache.memory_consumption=128
1708
1709; The amount of memory for interned strings in Mbytes.
1710;opcache.interned_strings_buffer=8
1711
1712; The maximum number of keys (scripts) in the OPcache hash table.
1713; Only numbers between 200 and 1000000 are allowed.
1714;opcache.max_accelerated_files=10000
1715
1716; The maximum percentage of "wasted" memory until a restart is scheduled.
1717;opcache.max_wasted_percentage=5
1718
1719; When this directive is enabled, the OPcache appends the current working
1720; directory to the script key, thus eliminating possible collisions between
1721; files with the same name (basename). Disabling the directive improves
1722; performance, but may break existing applications.
1723;opcache.use_cwd=1
1724
1725; When disabled, you must reset the OPcache manually or restart the
1726; webserver for changes to the filesystem to take effect.
1727;opcache.validate_timestamps=1
1728
1729; How often (in seconds) to check file timestamps for changes to the shared
1730; memory storage allocation. ("1" means validate once per second, but only
1731; once per request. "0" means always validate)
1732;opcache.revalidate_freq=2
1733
1734; Enables or disables file search in include_path optimization
1735;opcache.revalidate_path=0
1736
1737; If disabled, all PHPDoc comments are dropped from the code to reduce the
1738; size of the optimized code.
1739;opcache.save_comments=1
1740
1741; If enabled, compilation warnings (including notices and deprecations) will
1742; be recorded and replayed each time a file is included. Otherwise, compilation
1743; warnings will only be emitted when the file is first cached.
1744;opcache.record_warnings=0
1745
1746; Allow file existence override (file_exists, etc.) performance feature.
1747;opcache.enable_file_override=0
1748
1749; A bitmask, where each bit enables or disables the appropriate OPcache
1750; passes
1751;opcache.optimization_level=0x7FFFBFFF
1752
1753;opcache.dups_fix=0
1754
1755; The location of the OPcache blacklist file (wildcards allowed).
1756; Each OPcache blacklist file is a text file that holds the names of files
1757; that should not be accelerated. The file format is to add each filename
1758; to a new line. The filename may be a full path or just a file prefix
1759; (i.e., /var/www/x  blacklists all the files and directories in /var/www
1760; that start with 'x'). Line starting with a ; are ignored (comments).
1761;opcache.blacklist_filename=
1762
1763; Allows exclusion of large files from being cached. By default all files
1764; are cached.
1765;opcache.max_file_size=0
1766
1767; How long to wait (in seconds) for a scheduled restart to begin if the cache
1768; is not being accessed.
1769;opcache.force_restart_timeout=180
1770
1771; OPcache error_log file name. Empty string assumes "stderr".
1772;opcache.error_log=
1773
1774; All OPcache errors go to the Web server log.
1775; By default, only fatal errors (level 0) or errors (level 1) are logged.
1776; You can also enable warnings (level 2), info messages (level 3) or
1777; debug messages (level 4).
1778;opcache.log_verbosity_level=1
1779
1780; Preferred Shared Memory back-end. Leave empty and let the system decide.
1781;opcache.preferred_memory_model=
1782
1783; Protect the shared memory from unexpected writing during script execution.
1784; Useful for internal debugging only.
1785;opcache.protect_memory=0
1786
1787; Allows calling OPcache API functions only from PHP scripts which path is
1788; started from specified string. The default "" means no restriction
1789;opcache.restrict_api=
1790
1791; Mapping base of shared memory segments (for Windows only). All the PHP
1792; processes have to map shared memory into the same address space. This
1793; directive allows to manually fix the "Unable to reattach to base address"
1794; errors.
1795;opcache.mmap_base=
1796
1797; Facilitates multiple OPcache instances per user (for Windows only). All PHP
1798; processes with the same cache ID and user share an OPcache instance.
1799;opcache.cache_id=
1800
1801; Enables and sets the second level cache directory.
1802; It should improve performance when SHM memory is full, at server restart or
1803; SHM reset. The default "" disables file based caching.
1804;opcache.file_cache=
1805
1806; Enables or disables opcode caching in shared memory.
1807;opcache.file_cache_only=0
1808
1809; Enables or disables checksum validation when script loaded from file cache.
1810;opcache.file_cache_consistency_checks=1
1811
1812; Implies opcache.file_cache_only=1 for a certain process that failed to
1813; reattach to the shared memory (for Windows only). Explicitly enabled file
1814; cache is required.
1815;opcache.file_cache_fallback=1
1816
1817; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
1818; Under certain circumstances (if only a single global PHP process is
1819; started from which all others fork), this can increase performance
1820; by a tiny amount because TLB misses are reduced.  On the other hand, this
1821; delays PHP startup, increases memory usage and degrades performance
1822; under memory pressure - use with care.
1823; Requires appropriate OS configuration.
1824;opcache.huge_code_pages=0
1825
1826; Validate cached file permissions.
1827;opcache.validate_permission=0
1828
1829; Prevent name collisions in chroot'ed environment.
1830;opcache.validate_root=0
1831
1832; If specified, it produces opcode dumps for debugging different stages of
1833; optimizations.
1834;opcache.opt_debug_level=0
1835
1836; Specifies a PHP script that is going to be compiled and executed at server
1837; start-up.
1838; https://php.net/opcache.preload
1839;opcache.preload=
1840
1841; Preloading code as root is not allowed for security reasons. This directive
1842; facilitates to let the preloading to be run as another user.
1843; https://php.net/opcache.preload_user
1844;opcache.preload_user=
1845
1846; Prevents caching files that are less than this number of seconds old. It
1847; protects from caching of incompletely updated files. In case all file updates
1848; on your site are atomic, you may increase performance by setting it to "0".
1849;opcache.file_update_protection=2
1850
1851; Absolute path used to store shared lockfiles (for *nix only).
1852;opcache.lockfile_path=/tmp
1853
1854[curl]
1855; A default value for the CURLOPT_CAINFO option. This is required to be an
1856; absolute path.
1857;curl.cainfo =
1858
1859[openssl]
1860; The location of a Certificate Authority (CA) file on the local filesystem
1861; to use when verifying the identity of SSL/TLS peers. Most users should
1862; not specify a value for this directive as PHP will attempt to use the
1863; OS-managed cert stores in its absence. If specified, this value may still
1864; be overridden on a per-stream basis via the "cafile" SSL stream context
1865; option.
1866;openssl.cafile=
1867
1868; If openssl.cafile is not specified or if the CA file is not found, the
1869; directory pointed to by openssl.capath is searched for a suitable
1870; certificate. This value must be a correctly hashed certificate directory.
1871; Most users should not specify a value for this directive as PHP will
1872; attempt to use the OS-managed cert stores in its absence. If specified,
1873; this value may still be overridden on a per-stream basis via the "capath"
1874; SSL stream context option.
1875;openssl.capath=
1876
1877[ffi]
1878; FFI API restriction. Possible values:
1879; "preload" - enabled in CLI scripts and preloaded files (default)
1880; "false"   - always disabled
1881; "true"    - always enabled
1882;ffi.enable=preload
1883
1884; List of headers files to preload, wildcard patterns allowed.
1885;ffi.preload=
1886