creating a php.ini file
Results 1 to 13 of 13

Thread: creating a php.ini file

  1. #1
    Junior Member
    Join Date
    May 2006
    Posts
    14

    creating a php.ini file

    OS: Linux, php: v4.4.0, scripts are ran as CGI executables

    Greetings, I have been trying to set up a cms for a group and I'm pretty new at all of this. here's my problem...

    When I run a security mod on the site I am getting the following security errors:
    'register_globals' : on Not secure
    'allow_url_fopen' : on Not secure
    'session.use_trans_sid' : on Not secure

    After googling, emailing the host and trial and error I have discovered that I need to create a php.ini file. There is currently no .htaccess or php.ini file in the site.

    My latest attempt at the code still gets the errors:
    php.ini:
    Code:
    <?php
    register_globals = off;
    allow_url_fopen = off;
    session.use_trans_sid = off;
    ?>
    Is my code wrong or do I also need to create a .htaccess file?

    Thanks in advance to anyone that can point this newb in the right direction,

    Steve

  2. #2
    Pna lbh ernq guvf¿
    Join Date
    Jul 2004
    Location
    Kansas City area
    Posts
    19,420
    Quote Originally Posted by StevenB
    After googling, emailing the host and trial and error I have discovered that I need to create a php.ini file.
    I really doubt that. There is only one php.ini file that the entire system looks at... it's configured by whoever installs the webserver & PHP interpreter.

    Now, in a hosting environment, an .htaccess file would be the way to go. Create a .htaccess file in the root of your web directory, and use the appropriate command to change each value. For the different commands, see this man page: configuration.changes

  3. #3
    Junior Member
    Join Date
    May 2006
    Posts
    14
    Thanks for your response,

    The host recomended the phi.ini file. This was thier response:
    I'm sorry but we cannot alter these settings for the entire server due to security reasons.
    If you wish to change them just for your web site you can do so by creating a php.ini file in the main folder of your site. Once this is done, simply put in the necessary lines in order to alter the troublesome variables (for instance: register_globals=off).
    in this way you will overwrite the settings of the server only for your website
    I got an internal server error when I tried to create the .htaccess. When I contacted the host there reply was:
    1. Yes, applying these lines to the .htaccess files will cause the internal server error 500 to be generated because in our system PHP scripts are ran as CGI executables which means that whenever you try to use PHP directives in the .htaccess file they are not correctly recognised which in turn results to the aforemenntioned error.
    Sorry if I'm missing something but it sounds to me that I can have a php.ini for just my site. As I said I am new to all of this, but I refuse to give up!

    Steve

  4. #4
    Pna lbh ernq guvf¿
    Join Date
    Jul 2004
    Location
    Kansas City area
    Posts
    19,420
    Ah, didn't expect them to be running it as a CGI binary.

    In that case, try creating the php.ini file as they instructed. No <?php ?> tags, no semicolons.

  5. #5
    Junior Member
    Join Date
    May 2006
    Posts
    14
    I had previosly tried that..
    Code:
    register_globals=off
    allow_url_fopen=off
    session.use_trans_sid=off
    but I still get the security warnings.

    Sorry if this is a stupid question. Do I need to also have a .htaccess file for the php.ini to function?

    And another suggested possible solution was to use php_flag. My attempt did not work, but I may have a problem with my code. here it is:
    Code:
    php_flag register_globals=off
    php_admin_flag allow_url_fopen=off
    php_flag session.use_trans_sid=off
    Any ideas or reffrence is greatly appreciated.

    Thanks,
    Steve

  6. #6
    Pna lbh ernq guvf¿
    Join Date
    Jul 2004
    Location
    Kansas City area
    Posts
    19,420
    I don't work with PHP as a CGI binary much, so I'm in the dark here as well. Since PHP isn't an Apache ISAPI module, the php_flag stuff won't work.

    If you followed their instructions to create a php.ini file and it still won't work, I would contact them and have them take a look at the file you created. See if they know what's wrong and can offer any advice.

  7. #7
    Junior Member
    Join Date
    May 2006
    Posts
    14
    Thanks for your advice. Unfortunatly the host was not much help. They suggested I google my solution. I've been working on this for days and I might just have to change hosts if I can't find the answer today.

    For now I'll keep working on it., but just in case can anyone recomend a good host with php v4.xx, phpmyadmin, mysql, and a very good cp?

    I will be monitoring this post for any advice.

    Thanks,
    Steve

  8. #8
    Pna lbh ernq guvf¿
    Join Date
    Jul 2004
    Location
    Kansas City area
    Posts
    19,420
    As I said, I don't work with PHP as a CGI binary, so I'm out of suggestions. Sorry I couldn't be of much help.

  9. #9
    Junior Member TheWebWench's Avatar
    Join Date
    Aug 2006
    Location
    Pacific NW, US
    Posts
    10
    Many hosts that allow you to modify the php.ini file (and run php cgi mode) will have a copy of the php.ini file for you to download - which you can then modify. I would ask for a copy of thiers (or search their KB or FAQ about the issue, perhaps tis linked there).

    Then just scroll through, making the changes you need and upload to your root directory.

    This is how it was at the host I worked for, as well as 2 other hosts I have used.

    hth
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Do not meddle in the affairs of dragons,
    for you are crunchy and taste good with ketchup.

  10. #10
    Junior Member
    Join Date
    May 2006
    Posts
    14
    Ok I got a new host (that allows .htaccess) and I have gotten past the register_global problem, but I am still having problems with the .htacess.

    I have enabled .htaccess on the site through the CP and this is my entire .htaccess:
    Code:
    allow_url_fopen=off
    session.use_trans_sid=off
    and that immidiately crashes the site. Can anyone point me in the right direction please?

    TIA,
    Steve

  11. #11
    Pna lbh ernq guvf¿
    Join Date
    Jul 2004
    Location
    Kansas City area
    Posts
    19,420
    1. allow_url_fopen cannot be set in a .htacces file

    2. That's not the correct syntax for a .htaccess file... try looking at this man page: configuration.changes

  12. #12
    Senior Member Ascendancy's Avatar
    Join Date
    Sep 2006
    Posts
    121
    Can anybody help with directions for that, just for Windows?
    PHP =]
    My Site--Soon updated.

  13. #13
    Junior Member
    Join Date
    May 2011
    Posts
    1

    Possible Solution to increase your upload file size

    I ran into the same problem and came across a great solution that worked for me.

    I use godaddy as my hosting solution and they had told me to create my own php.ini file and upload it to the root level of my server. This did not work.

    What worked:

    create the php.ini file with the following:

    memory_limit = 64M
    post_max_size = 64M
    file_uploads = On
    upload_max_filesize = 64M

    You can change the size limit to what you need.

    If you're using wordpress like I am, upload this file to the wp-admin folder.

    It should work. This solution worked great for me.

    If you're using any other solution, try the root first, if that does not work try putting it in the admin folder.

    Hope this helps.

    Regards,

    bspweb
    http://www.bspdesigns.net

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •