Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
php [2006/03/04 12:22] 193.77.104.168 created |
php [2010/02/20 14:43] (current) greebo |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== PHP tips ====== | ||
+ | ===== Instalation tips ===== | ||
+ | |||
+ | |||
+ | FIXME | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ===== Securing PHP code ===== | ||
+ | |||
+ | For a start, put disable_functions = " | ||
+ | |||
+ | < | ||
+ | expose_php = Off | ||
+ | display_errors = Off | ||
+ | allow_url_fopen = Off | ||
+ | |||
+ | session.use_trans_sid = 0 | ||
+ | session.use_only_cookies = 1 | ||
+ | |||
+ | # | ||
+ | |||
+ | #per vhost: | ||
+ | php_admin_flag safe_mode On | ||
+ | php_admin_value open_basedir "/ | ||
+ | php_admin_value sendmail_from webmaster@example.com | ||
+ | |||
+ | |||
+ | php_admin_flag display_errors On | ||
+ | php_admin_value safe_mode_include_dir "/ | ||
+ | # | ||
+ | php_admin_value default_charset " | ||
+ | |||
+ | </ | ||
+ | |||
+ | **PHP to secure a setup, a good start is a secure php.ini, for example:** | ||
+ | * disable the Fopen Wrapper, **allow_url_fopen** = Off | ||
+ | * use disable_classes and disable_functions like: - ini_alter, ini_get_all, | ||
+ | * set **register_globals = off** | ||
+ | * set log_errors = on, error_reporting and error_log | ||
+ | * use **open_basedir** and include_path | ||
+ | * use **safe_mode** if possible | ||
+ | |||
+ | < | ||
+ | allow_call_time_pass_reference = Off | ||
+ | magic_quotes_gpc = Off | ||
+ | register_long_arrays = Off | ||
+ | register_argc_argv = Off | ||
+ | allow_url_fopen = Off | ||
+ | expose_php = Off | ||
+ | disable_functions = symlink, | ||
+ | </ | ||
+ | |||
+ | |||
+ | === see also: === | ||
+ | * **[[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ===== Speeding it up ===== | ||
+ | Things that will make your PHP code execute a bit faster .. '' | ||
+ | |||
+ | * See [[http:// | ||
+ | * See [[http:// | ||
+ | * See [[http:// | ||
+ | * See [[http:// | ||
+ | * See [[http:// | ||
+ | * See [[http:// | ||
+ | |||
+ | ==== Zend Optimizer ==== | ||
+ | === Instalation === | ||
+ | Get Zend optimizer from [[http:// | ||
+ | |||
+ | **'' | ||
+ | [Zend] | ||
+ | zend_optimizer.enable_loader=0 | ||
+ | zend_optimizer.disable_licensing=0 | ||
+ | zend_optimizer.licence_path=0 | ||
+ | === Configuration === | ||
+ | **'' | ||
+ | [Zend] | ||
+ | zend_optimizer.optimization_level=15 | ||
+ | zend_extension_manager.optimizer=/ | ||
+ | zend_extension_manager.optimizer_ts=/ | ||
+ | zend_extension=/ | ||
+ | zend_extension_ts=/ | ||
+ | |||
+ | '' | ||
+ | |||
+ | |||
+ | ==== EAccelerator ==== | ||
+ | === Instalation === | ||
+ | * Download source from [[http:// | ||
+ | * Requirements: | ||
+ | |||
+ | export PHP_PREFIX="/ | ||
+ | $PHP_PREFIX/ | ||
+ | ./configure --enable-eaccelerator=shared --with-php-config=$PHP_PREFIX/ | ||
+ | make | ||
+ | make install | ||
+ | |||
+ | --without-eaccelerator-use-inode [bug with open_basedir - safe mode] | ||
+ | |||
+ | * See [[http:// | ||
+ | |||
+ | === Eaccelerator with Zend Optimizer === | ||
+ | **''/ | ||
+ | [EAccelerator] | ||
+ | zend_extension="/ | ||
+ | eaccelerator.shm_size=" | ||
+ | eaccelerator.cache_dir="/ | ||
+ | eaccelerator.enable=" | ||
+ | eaccelerator.optimizer=" | ||
+ | eaccelerator.check_mtime=" | ||
+ | eaccelerator.debug=" | ||
+ | eaccelerator.filter="" | ||
+ | eaccelerator.shm_max=" | ||
+ | eaccelerator.shm_ttl=" | ||
+ | eaccelerator.shm_prune_period=" | ||
+ | eaccelerator.shm_only=" | ||
+ | eaccelerator.compress=" | ||
+ | eaccelerator.compress_level=" | ||
+ | |||
+ | [Zend] | ||
+ | zend_optimizer.optimization_level=15 | ||
+ | zend_extension_manager.optimizer=/ | ||
+ | zend_extension_manager.optimizer_ts=/ | ||
+ | zend_optimizer.version=2.5.10a | ||
+ | zend_extension=/ | ||
+ | zend_extension_ts=/ | ||
+ | |||
+ | **Be sure to fix the PATH to Zend and eaccelerator libraries** | ||
+ | |||
+ | |||
eaccelerator | eaccelerator | ||
php.ini tricks | php.ini tricks | ||
+ | |||
+ | [[Zend]] |