File: //etc/cl.selector.conf.d/php.conf
# Sign commenting is allowed only at the beginning of the line
Directive = allow_url_fopen
Default = Off
Type = bool
Comment = Allows PHP file functions to retrieve data from remote locations over FTP or HTTP. This option is a great security risk, thus do not turn it on without necessity.
Directive = display_errors
Default = Off
Type = bool
Comment = Determines whether errors should be printed to the screen as part of the output or if they should not be shown to a user.
Directive = error_reporting
Default = E_ALL & ~E_NOTICE & ~E_DEPRECATED
Range = ~E_ALL,E_ALL & ~E_NOTICE,E_ALL,E_ALL & ~E_NOTICE & ~E_DEPRECATED
Type = list
Comment = The error reporting level.
Directive = file_uploads
Default = On
Type = bool
Comment = Allows uploading files over HTTP.
Directive = include_path
Default = .;/path/to/php/pear
Type = value
Comment = The list of directories where scripts look for files (similar to system's PATH variable). To separate directories, use a colon (:) For example: .:/dir/inc:/usr/lib/php
Directive = log_errors
Default = Off
Type = bool
Comment = Tells whether to log errors. By default, errors are logged in the server's error log. Use the error_log directive to specify the path to your own log file.
Directive = magic_quotes_gpc
Default = On
Type = bool
Remark = <5.4.0
Comment = Sets the magic_quotes state for the GPC (Get, Post and Cookie) operations. When magic_quotes are on, all single-quotes, double quotes, backslashesand special characters are escaped with the backslash automatically.
Directive = mail.force_extra_parameters
Type = value
Comment = Additional parameters for the mail() function used to send mail. For example, to use your custom Sendmail configuration: -C /dir/conf.cf
Directive = max_execution_time
Default = 300
Type = value
Comment = The maximum time in seconds a script is allowed to run before it is terminated.
Directive = max_input_time
Default = 300
Type = value
Comment = The maximum time in seconds a script is allowed to parse input data.
Directive = memory_limit
Default = 512M
Type = list
Range = 64M,128M,192M,256M,368M,512M,1024M,2048M
Comment = The maximum amount of memory in bytes a script is allowed to allocate. Set the value to -1 to have no memory limit (not recommended). Use shortcuts for byte values: K (kilo), M (mega), and G (giga). For example, 128M
Directive = post_max_size
Default = 512M
Type = list
Range = 2M,4M,8M,16M,32M,64M,128M,256M,512M,1024M,2048M
Comment = The maximum size in bytes of data that can be posted with the POST method. Typically, should be larger than upload_max_filesize and smaller than memory_limit. Use shortcuts for byte values: K (kilo), M (mega), and G (giga). For example, 16M.
Directive = open_basedir
Type = value
Comment = The list of directories used to limit the files that can be opened by PHP. If the file is outside the specified directories, PHP scripts will refuse to open it. To separate directories, use a colon. For example: /dir/upload:/usr/tmp
Directive = register_globals
Default = Off
Type = bool
Remark = <5.4.0
Comment = Tells whether to register the contents of the EGPCS (Environment, GET, POST, Cookie, Server) variables as global variables. When on, register_globals will inject your scripts with all sorts of variables, like request variables from HTML forms. This option is a great security risk, thus do not turn it on without necessity
Directive = safe_mode
Default = Off
Type = bool
Remark = <5.4.0
Comment = Enables PHP safe mode. This mode puts a number of restrictions on scripts (say, access to file system) mainly for security reasons.
Directive = safe_mode_exec_dir
Type = value
Remark = <5.4.0
Comment = If PHP is in the safe mode, scripts can execute external programs located only in this directory. For example: /dir/external
Directive = safe_mode_include_dir
Type = value
Remark = <5.4.0
Comment = If PHP is in the safe mode and a script tries to access some files, files from this directory will bypass security (UID/GID) checks. The directory must also be in include_path. For example: /dir/inc
Directive = session.save_path
Default = /tmp
Type = value
Comment = The directory where PHP writes session data (files). For example: /dir/tmp
Directive = short_open_tag
Default = On
Type = bool
Comment = Allows the short form of the PHP open tag.
Directive = upload_max_filesize
Default = 512M
Type = list
Range = 2M,4M,8M,16M,32M,64M,128M,256M,512M,1G
Comment = The maximum size in bytes of an uploaded file. Use shortcuts for byte values: K (kilo), M (mega), and G (giga). For example, 128M.
Directive = disable_functions
Default = passthru,system,shell_exec,show_source,exec,popen,proc_open
Type = value
Comment = Functions that are not allowed
Directive = auto_prepend_file
Default =
Type = value
Comment = Specifies the name of a file that is automatically parsed before the main file.
Directive = date.timezone
Type = value
Comment = The default timezone used by all date/time functions. A list of supported timezone values can be found here: http://www.php.net/manual/en/timezones.php
Directive = realpath_cache_size
Type = value
Remark = >5.2
Comment = Realpath cache in PHP
Directive = realpath_cache_ttl
Type = value
Remark = >5.2
Comment = Realpath cache TTL in PHP
Directive = expose_php
Default = Off
Type = bool
Comment = Exposes to the world that PHP is installed on the server
Directive = allow_url_include
Default = Off
Type = bool
Remark = >5.2
Comment = If user input is not properly validated, this can conduct to remote file inclusion vulnerabilities
Directive = allow_url_include
Default = Off
Type = bool
Remark = >5.2
Comment = Beware of enabling this, If user input is not properly validated, this can conduct to remote file inclusion vulnerabilities