Configuring PHP

PHP has several 'directives' that control its behavior, many have little bearing on the actual performance of your site, but there are some that have a great impact on performance and there are others that have security implications. This will give you an overview of those directives and provide you with several methods for adjusting those directives on your site.

The Directives

memory_limit

Methods: All (user scripts, Windows registry, php.ini, .htaccess or httpd.conf) This sets the maximum amount of memory in bytes that a script is allowed to allocate. This helps prevent poorly written scripts for eating up all available memory on a server.

safe_mode

Methods: System (php.ini or httpd.conf)
Whether to enable PHP's safe mode.
Default (5.2.1): 0 (disabled)
Recommended: 0
This is important, for security reasons. This is being removed in PHP6.0

register_globals

Methods: PerDir (php.ini, .htaccess or httpd.conf)
Whether or not to register the EGPCS (Environment, GET, POST, Cookie, Server) variables as global variables.
Default (5.2.1): off
Recommended: off
This is important, for security reasons. As of PHP6.0, this directive is deprecated.

allow_url_fopen

Methods: System (php.ini, or httpd.conf), since PHP4.3.5
This option enables the URL-aware fopen wrappers that enable accessing URL object like files.
Default (5.2.1): 1 (enabled)
Recommended: 0, some modules will not function properly with this setting. Be sure to test.
This is important, for security reasons

session.use_trans_id

Methods: All (user scripts, Windows registry, php.ini, .htaccess or httpd.conf)
session.use_trans_sid whether transparent sid support is enabled or not.
Default (5.2.1): 0 (disabled)
Recommended: 1
This is important, for security reasons

The Methods

==.htaccess==

php.ini

httpd.conf

User Scripts