= Off
;SYS
; FastCGI in IIS supports the ability to mimic client security tokens.
; This enables IIS to define the security context of the requests on which the runtime is based.
; mod_fastcgi in Apache does not support this feature (03/17/2002)
; If running in IIS, set to On, default to Off.
= On
;SYS
; Whether to record connections made through FastCGI.
[PHP-Core-Weirdy]
; These options exist only in the documentation, but not in the output of the phpinfo() function
async_send = Off
; Whether to send asynchronously.
from = ;"john@"
; Define anonymous ftp password (an email address)
;; Near core module ;;
[Pcre]
;Perl compatible regular expression module
pcre.backtrack_limit = 100000
; The maximum number of backtracking steps of PCRE.
pcre.recursion_limit = 100000
; The maximum recursion depth of PCRE.
; If you set this value very high, it may exhaust the stack space of the process and cause PHP to crash.
[Session]
; Unless a variable is registered using session_register() or $_SESSION.
; Otherwise, no session record will be automatically added regardless of whether session_start() is used.
; Objects containing resource variables or objects with circular references contain references to themselves and cannot be saved in the session.
; register_globals directive will affect the storage and recovery of session variables.
session.save_handler = "files"
; The processor name that stores and retrieves data associated with the session. Default is file ("files").
; If you want to use a custom processor (such as a database-based processor), you can use "user".
; There is a processor using PostgreSQL: /projects/phpform-ext/
session.save_path = "/tmp"
; Parameters passed to the storage processor. For files processors, this value is the path to create the session data file.
; The default is the temporary folder path under Windows.
; You can use "N;[MODE;]/path" to define the path (N is an integer).
; N means using a subdirectory of N-layer depth, rather than saving all data files in one directory.
; [MODE;] Optional, the octal number must be used, the default is 600 (=384), indicating the maximum number of session files saved in each directory.
; This is a good idea to improve performance for a large number of sessions.
; Note 0: Double quotes on both sides of "N;[MODE;]/path" cannot be omitted.
; Note 1: [MODE;] will not overwrite the process's umask.
; Note 2: PHP will not automatically create these folder structures. Please use the mod_files.sh script in the ext/session directory to create it.
; Note 3: If the folder can be accessed by unsafe users (such as the default "/tmp"), it will cause security vulnerabilities.
; Note 4: Automatic garbage collection will fail when N>0. For details, please refer to the section on garbage collection below.
= "PHPSESSID"
;The session ID identification name used in the cookie can only contain letters and numbers.
session.auto_start = Off
; The session is automatically initialized when a customer visits any page, and is prohibited by default.
; Because the class definition must be loaded before the session starts, if you turn on this option, you cannot store objects in the session.
session.serialize_handler = "php"
; The processor used to serialize/deserialize data, php is a standard serialization/deserialize processor.
; Also use "php_binary". When WDDX support is enabled, only "wddx" will be used.
session.gc_probability = 1
session.gc_divisor = 100
; Defines the probability of starting a garbage collector every time the session is initialized.
; This collection probability calculation formula is as follows: session.gc_probability/session.gc_divisor
; The more frequent access to the session page, the smaller the probability should be. The recommended value is 1/1000~5000.
session.gc_maxlifetime = 1440
; After the number of seconds specified by this parameter is exceeded, the saved data will be treated as 'garbage' and cleaned by the garbage collector.
; The judgment criteria are the time when the data is last accessed (for the FAT file system, the time when the data is last refreshed).
; If multiple scripts share the same session.save_path directory but session.gc_maxlifetime is different,
; Then the minimum value in all session.gc_maxlifetime directives will be based on.
; If you use multi-layer subdirectories to store data files, the garbage collector will not start automatically.
; You must use a shell script, cron item or other method you wrote yourself to perform garbage collection.
; For example, the following script is equivalent to setting "session.gc_maxlifetime=1440" (24 minutes):
; cd /path/to/sessions; find -cmin +24 | xargs rm
session.referer_check =
; If the "Referer" field in the request header does not contain the string specified here, the session ID will be considered invalid.
; Note: If the "Referer" field does not exist at all in the request header, the session ID will still be considered valid.
; Default is empty, which means no checking is done (all are considered valid).
session.entropy_file = ;"/dev/urandom"
; Additional external high entropy resource (file) for creating session ID,
; For example, "/dev/random" or "/dev/urandom" on UNIX systems
session.entropy_length = 0
; Number of bytes read from high entropy resource (suggested value: 16).
session.use_cookies = On
; Whether to use cookies to save session ID on the client
session.use_only_cookies = Off
; Whether to save session ID on the client using only cookies. The default value of PHP6 is On.
; Turn on this option to avoid security issues caused by using URLs to pass sessions.
; But disabling cookies will make the session unworkable.
session.cookie_lifetime = 0
; The cookie validity period (seconds) that passes the session ID, 0 means that it is valid only during the browser opening.
session.cookie_path = "/"
; Pass the cookie action path to the session ID.
session.cookie_domain =
; Cookie scope that delivers session ID.
; By default, empty means the host name generated according to the cookie specification.
session.cookie_secure = Off
; Whether to send cookies only through secure connections (https).
session.cookie_httponly = Off
; Whether to add the httpOnly flag in the cookie (only allows HTTP protocol access),
; This will cause the client script (JavaScript, etc.) to not access the cookie.
; Opening this command can effectively prevent hijacking of session IDs through XSS attacks.
session.cache_limiter = "nocache"
; Set to {nocache|private|public} to specify the cache control mode of the session page,
; or set to empty to prevent the sending of commands to disable cache in the http answer header.
session.cache_expire = 180
; Specify the validity period of the session page in the client cache (minutes)
; When session.cache_limiter=nocache, the setting here is invalid.
session.use_trans_sid = Off
; Whether to use explicit code to display SID (session ID) in the URL.
; By default, it will pose a security risk to your users:
; 1- The user may tell others the URL containing a valid sid through email/irc/QQ/MSN....
; 2- The URL containing a valid sid may be saved on a public computer.
; 3- Users may save URLs with fixed sids in their favorites or browsing history records.
; URL-based session management always has more risks than cookie-based session management, so it should be disabled.
session.bug_compat_42 = On
session.bug_compat_warn = On
; Versions before PHP4.2 have an unspecified "BUG":
; Allows initialization of global session variables even in register_globals=Off,
; If you use this feature in versions after PHP4.3, a warning will be displayed.
; It is recommended to close the "BUG" and display a warning. PHP6 deletes these two instructions, which is equivalent to setting them all to Off.
session.hash_function = 0
; Hash algorithm for generating SIDs. SHA-1 is more secure
; 0: MD5 (128 bits)
; 1: SHA-1 (160 bits)
; SHA-1 is recommended.
session.hash_bits_per_character = 4
; Specifies how many bits to save in each character in the SID string,
; These binary numbers are the results of the hash function.
; 4: 0-9, a-f
; 5: 0-9, a-v
; 6: 0-9, a-z, A-Z, "-", ","
; The recommended value is 5
url_rewriter.tags = "a=href,area=href,frame=src,form=,fieldset="
; This directive belongs to the core part of PHP and does not belong to the Session module.
; Specifies which HTML tags to override to include SIDs (only valid if session.use_trans_sid=On)
; Form and fieldset are more special:
; If you include them, the URL rewriter will add a hidden "<input>" that contains information that should have been appended to the URL.
; If you want to comply with XHTML standards, remove the form item and add the <fieldset> tag before and after the form field.
; Note: All legal terms require an equal sign (even if there is no value afterward).
; The recommended value is "a=href,area=href,frame=src,input=src,form=fakeentry".
session.encode_sources = "globals"
; The controversial directive in PHP6 has not yet been decided whether to adopt the directive. There are no relevant documents yet.
;; Other modules ;;
[APC]
; Alternative PHP Cache is used to cache and optimize PHP intermediate code
= On
; Whether to enable APC, if APC is statically compiled into PHP and wants to disable it, this is the only way.
apc.enable_cli = Off
;SYS
; Whether to enable APC functionality for the CLI version, this directive is only opened for testing and debugging purposes.
apc.cache_by_default = On
; Whether to enable buffering for all files by default.
; If set to Off and used with instructions starting with a plus sign, the file is cached only when matching the filter.
apc.file_update_protection = 2
;SYS
; When you modify a file on a running server, you should perform atomic operations.
; That is, first write a temporary file, and then rename the file (mv) to its final name.
; Text editors and programs such as cp, tar do not operate in this way, resulting in the possibility of buffering of broken files.
; Default value 2 means that if the modification time is found to be less than 2 seconds when accessing the file, it will not be buffered.
; That unfortunate visitor may get the broken content, but this bad effect will not be expanded through cache.
; If you can ensure that all update operations are atomic operations, you can turn off this feature with 0.
; If your system is slow to update due to a large number of IO operations, you need to increase this value.
=
;SYS
; A comma-separated list of POSIX extension regular expressions.
; If the source file name matches any pattern, the file is not cached.
; Note that the file name used to match is the file name passed to include/require, not the absolute path.
; If the first character of the regular expression is "+", it means that any file matching the expression will be cached.
; If the first character is "-", no match will be cached. "-" is the default value and can be omitted.
= 0
;SYS
; Number of seconds allowed by cache entries in the buffer. 0 means that the timeout will never be exceeded. The recommended value is 7200~86400.
; Set to 0 means that the buffer may be filled with old cache entries, resulting in the inability to cache new entries.
apc.user_ttl = 0
;SYS
; Similarly, only for each user, the recommended value is 7200~86400.
; Set to 0 means that the buffer may be filled with old cache entries, resulting in the inability to cache new entries.
apc.gc_ttl = 3600
;SYS
; The number of seconds the cache entry can exist in the garbage collection table.
; This value provides a security measure even if a server process crashes while executing cached source files,
; And the source file has been modified, and the memory allocated for the old version will not be recycled until this TTL value is reached.
; Set to zero will disable this feature.
apc.include_once_override = Off
;SYS
; Optimize include_once() and require_once() functions to avoid executing additional system calls.
apc.max_file_size = 1M
;SYS
; Prohibit files larger than this size being cached.
apc.mmap_file_mask =
;SYS
; If MMAP support is compiled for APC using --enable-mmap (enabled by default),
; The value here is the mktemp-style file mask passed to the mmap module (the recommended value is "/tmp/").
; This mask is used to determine whether the memory mapped area is to be file-backed or shared memory backed.
; For direct file-backed memory map, set to "/tmp/" look like (just 6 Xs).
; To use POSIX-style shm_open/mmap, you need to set it to "/" look.
; You can also set to "/dev/zero" to use the kernel's "/dev/zero" interface for anonymously mapped memory.
; If this directive is not defined, it means that anonymous mapping is used forcing it.
apc.num_files_hint = 1000
;SYS
; The approximate number of different script source code files that may be included or requested on the web server (the recommended value is 1024~4096).
; If you are not sure, set to 0 ; This setting is mainly used for sites with thousands of source files.
= 0
; Optimization level (recommended value is 0). Oppose the use of this directive. It may be deleted in the future.
; Positive integer values indicate that the optimizer is enabled, and the higher the value, the more aggressive optimization is used.
; Higher values may have very limited speed improvements, but are currently under trial.
apc.report_autofilter = Off
;SYS
; Whether to record all scripts that are automatically not cached due to early/late binding.
apc.shm_segments = 1
;SYS
; Number of shared memory blocks allocated for the compiler buffer (recommended value is 1).
; If the APC has exhausted shared memory and has set the apc.shm_size directive to the maximum allowed value by the system, you can try to increase this value.
; Setting to other values other than 1 in mmap mode is invalid because there is no limit on the size of shared memory segments that pass through mmap.
apc.shm_size = 30
;SYS
; The size of each shared memory block (in MB, the recommended value is 128~256).
; Some systems (including most BSD variants) have very small default shared memory block sizes.
apc.slam_defense = 0
;SYS
; On a very busy server, whether it is starting a service or modifying a file,
; All may lead to race conditions due to multiple processes attempting to cache a file at the same time.
; This directive is used to set the percentage of the process skipping the cache step when processing uncached files.
; For example, setting it to 75 means that there is a 75% chance of not being cached when encountering uncached files, thereby reducing the chance of collision.
; Oppose the use of this directive, and encourage setting to 0 to disable this feature. It is recommended to use the apc.write_lock command.
= On
;SYS
; Whether to enable script update check.
; Be very careful when changing this instruction value.
; Default value On means that the APC checks whether the script is updated every time it requests the script.
; If updated, the compiled content will be recompiled and cached automatically. But doing so has a negative impact on performance.
; If set to Off, it means no checking is performed, which greatly improves performance.
; But in order for the updated content to take effect, you must restart the web server.
; This directive is also valid for include/require files. But it should be noted that
; If you are using relative paths, the APC must check every time include/require to locate the file.
; When using absolute paths, you can skip the check, so you are encouraged to use absolute paths for include/require operations.
apc.user_entries_hint = 4096
;SYS
; Similar to the num_files_hint directive, just for each different user.
; If you are not sure, set to 0 .
apc.write_lock = On
;SYS
; Whether to enable write lock.
; On a very busy server, whether it is starting a service or modifying a file,
; All may lead to race conditions due to multiple processes attempting to cache a file at the same time.
; Enable this directive to avoid the occurrence of race conditions.
apc.rfc1867 = Off
;SYS
; After opening this directive, for each upload file that contains the APC_UPLOAD_PROGRESS field just before the file field,
; APC will automatically create a user cache entry with upload_<key> (<key> is the APC_UPLOAD_PROGRESS field value).
; It should be noted that file upload tracking is not thread-safe here.
; So if the old file has not been uploaded yet and the new file has started to be uploaded, then tracking of the old file will be lost.
= Off
;SYS
; Whether to use non-locked local process shadow-cache, it can reduce competition between locks when writing to the buffer.
= 512
;SYS
; The shadow-cache of the local process should be set to a sufficiently large value, which is approximately half of num_files_hint.
apc.stat_ctime = Off
;SYS
; No documentation yet
[bcmath]
; Provides a binary calculator (Binary Calculator) for arbitrary precision mathematical calculations,
; It supports numbers of arbitrary size and precision, described in string form.
= 0
; Number of 10 decimal numbers used for all bcmath functions
[GD]
gd.jpeg_ignore_warning = Off
; Whether to ignore the warning information of the jpeg decoder (such as the image format cannot be recognized).
; There are two MIME types: image/jpeg and image/pjpeg. The GD library can only recognize the former traditional format.
; See: /modules/newbb/v ... d=1867&forum=14
; /?id=29878
; /faqs/jpeg-faq/part1/
[Filter]
; Confirm and filter data from unreliable sources, this extension module is experimental.
= "unsafe_raw"
; Use the specified filter to filter $_GET,$_POST,$_COOKIE,$_REQUEST data,
; The raw data can be accessed through the input_get() function.
; "unsafe_raw" means no filtering is done.
filter.default_flags =
; The default flag of filter_data() function.
[mbstring]
;Multi-byte string module supports
= "neutral"
; The default NLS (local language settings), the value you can set is as follows:
; The default value "neutral" means neutral, equivalent to unknown.
; "zh-cn" or "Simplified Chinese" means simplified Chinese
; "zh-tw" or "Traditional Chinese" means traditional Chinese
; "uni" or "universal" means Unicode
; This directive automatically defines the default value of the subsequent mbstring.internal_encoding directive,
; and the mbstring.internal_encoding directive must be placed after that directive.
mbstring.internal_encoding =
; This instruction must be placed after the instruction.
; Default internal encoding, when not set, depends on the value of the instruction:
; "neutral" corresponds to "ISO-8859-1"
; "zh-cn" corresponds to "EUC-CN" (equivalent to "GB2312")
; "zh-tw" corresponds to "EUC-TW" (equivalent to "BIG5")
; "uni" corresponds to "UTF-8"
; Reminder: For Simplified Chinese, you can also force it to set to "CP936" (equivalent to "GBK")
; Note: Maybe SJIS, BIG5, GBK are not suitable for internal encoding, but "GB2312" is definitely fine.
; It is recommended to manually force the specification
mbstring.encoding_translation = Off
; Whether to transparently convert the incoming HTTP requests according to the mbstring.internal_encoding directive,
; That is, automatically detect the encoding of the input character and convert it transparently into internal encoding.
; Portable libraries or programs must not rely on automatic encoding conversion.
mbstring.http_input = "pass"
; The default HTTP input encoding, "pass" means skip (no conversion)
; The meaning of "aotu" is the same as explained in the mbstring.detect_order directive.
; can be set to a separate value or to a comma-separated list.
mbstring.http_output = "pass"
; The default HTTP output encoding, "pass" means skip (no conversion)
; The meaning of "aotu" is the same as explained in the mbstring.detect_order directive.
; can be set to a separate value or to a comma-separated list.
; The output_handler directive must be set to "mb_output_handler".
mbstring.detect_order =
; The default encoding detection order, "pass" means skip (no conversion).
; The default value ("auto") varies according to the instructions:
; "neutral" and "universal" correspond to "ASCII, UTF-8"
; "Simplified Chinese" corresponds to "ASCII, UTF-8, EUC-CN, CP936"
; "Traditional Chinese" corresponds to "ASCII, UTF-8, EUC-TW, BIG-5"
; It is recommended to manually force a single value in a controlled environment
mbstring.func_overload = 0
;SYS
; Automatically overload the corresponding single-byte string function using the mb_* function.
; For example: mail(), ereg() will be automatically replaced with mb_send_mail(), mb_ereg()
; 0,1,2,4 can be used for bit combinations. For example, 7 means replace all. The specific replacement instructions are as follows:
; 0: No replacement
; 1: mail() → mb_send_mail()
; 2: strlen() → mb_strlen() ; substr() → mb_substr()
; strpos() → mb_strpos() ; strrpos() → mb_strrpos()
; strtolower() → mb_strtolower() ; strtoupper() → mb_strtoupper()
; substr_count() → mb_substr_count()
; 4: ereg() → mb_ereg() ; eregi() → mb_eregi()
; ereg_replace() → mb_ereg_replace() ; eregi_replace() → mb_eregi_replace()
; split() → mb_split()
mbstring.script_encoding =
; The encoding used by the script
mbstring.strict_detection = Off
; Whether to use rigorous coding detection
mbstring.substitute_character =
; When a character cannot be decoded, this character is used instead.
; If set to an integer, it indicates the corresponding Unicode value. If no value is set, it indicates that the error character is not displayed.
; It is recommended to set to "□"
[Mcrypt]
; Interface to an mcrypt library that supports many types of block encryption algorithms.
; This module is not recommended because there are too many problems, so encryption is recommended at the database layer.
mcrypt.algorithms_dir =
; The directory where the default encryption algorithm module is located. Usually "/usr/local/lib/libmcrypt".
; There is no detailed documentation yet, and the explanation here may be incorrect.
mcrypt.modes_dir =
; The directory where the default encryption mode module is located. Usually "/usr/local/lib/libmcrypt".
; There is no documentation yet, and the explanation here may be incorrect.
[Memcache]
; A high-performance distributed memory object cache system, by maintaining a unified huge hash table in memory,
; It can be used to store data in various formats, including images, videos, files, and database search results.
memcache.allow_failover = On
; Whether to transparently failover to other servers when an error is encountered.
memcache.chunk_size = 8192
; Data will be transferred according to the block size set by this value. The smaller this value, the more additional network transmission is required.
; If you find that the unexplained speed decreases, you can try increasing this value to 32768.
memcache.default_port = 11211
; The default TCP port used when connecting to the memcached server.
memcache.max_failover_attempts = 20
; How many servers can be tried at most when accepting and sending data, and it is valid when opening memcache.allow_failover.
[Zlib]
; This module allows PHP to transparently read and write gzip(.gz) compressed files.
zlib.output_compression = Off
; Whether to use the zlib library to transparently compress the script output results.
; The value of this instruction can be set to: Off, On, byte number (compression buffer size, default is 4096).
; If you open this command, when the browser sends the "Accept-Encoding: gzip(deflate)" header,
; The "Content-Encoding: gzip(deflate)" and "Vary: Accept-Encoding" headers will be added to the answer header.
; You can enable or disable this feature in the script using the ini_set() function before the answer header output.
; If you output a response header like "Content-Type: image/??", compression will not be enabled (to prevent Netscape bugs).
; You can re-open this feature with "ini_set('zlib.output_compression', 'On')" after outputting "Content-Type: image/??".
; Note 1: The compression rate will be affected by the compression buffer size. If you want better compression quality, please specify a larger compression buffer.
; Note 2: If zlib output compression is enabled, the output_handler directive must be empty, and the value of the zlib.output_handler directive must be set.
zlib.output_compression_level = -1
; Compression level, available values are 0~9, 0 means no compression. The higher the value, the better the effect, but the more CPU is consumed, the recommended value is 1~5.
; Default value -1 means using the default value inside zlib (6).
zlib.output_handler =
; With the zlib.output_compression directive opened, you can only specify the output processor here.
; The processors that can be used are "" (decompressed) or "" (compressed).
; If this directive is enabled, the output_handler directive must be set to empty.
[dbx]
; A database abstraction layer that provides a unified interface for different databases. Currently supported:
; FrontBase,SQL Server,MySQL,ODBC,PostgreSQL,Sybase-CT,Oracle 8,SQLite
dbx.colnames_case = "unchanged"
;SYS
; Field names can be returned in the form of "unchanged" or "uppercase", "lowercase".
[MySQLi]
; The MySQLi module can only work with MySQL versions 4.1.3 or above.
mysqli.max_links = -1
;SYS
; Maximum number of connections allowed in each process (persistent and non-persistent). -1 stands for unlimited
mysqli.default_port = 3306
; mysqli_connect() uses the default TCP port when connecting to the MySQL database.
; If the default value is not specified here, it will be searched in the following order:
; (1) $MYSQL_TCP_PORT environment variable
; (2) MySQL-tcp entry (unix) in the /etc/services file
; (3) MYSQL_PORT constant specified during compilation
; Note: Under Win32, only the MYSQL_PORT constant is used.
mysqli.default_socket =
; mysqli_connect() uses the default socket name when connecting to the native MySQL server.
; If not specified, use the built-in MqSQL default value.
mysqli.default_host =
; mysqli_connect() The default host used when connecting to the MySQL database. Invalid in Safe Mode.
mysqli.default_user =
; mysqli_connect() uses the default username when connecting to the MySQL database. Invalid in Safe Mode.
mysqli.default_pw =
; mysqli_connect() uses the default password when connecting to the MySQL database. Invalid in Safe Mode.
; Saving passwords in configuration files is a bad idea, and any user using PHP permissions can run
; 'echo cfg_get_var("mysql.default_password")' to display the password!
; And any user with read permission to this configuration file can also see the password.
= Off
;SYS
; Whether to allow reconnection
[PostgresSQL]
;PostgresQL module is recommended to work with version 8.0 or above.
pgsql.allow_persistent = On
;SYS
; Whether to allow persistent connections
pgsql.max_persistent = -1
;SYS
; Maximum number of persistent connections allowed in each process. -1 means no limit.
pgsql.max_links = -1
;SYS
; Maximum number of connections allowed in each process (persistent and non-persistent). -1 means no limit.
pgsql.auto_reset_persistent = Off
;SYS
; Automatically resetting a persistent connection that was interrupted on pg_pconnect(), and detection requires some extra overhead.
pgsql.ignore_notice = Off
; Whether to ignore the PostgreSQL backend reminder messages.
; Recording reminder messages on the backend requires some small extra overhead.
pgsql.log_notice = Off
; Whether to record reminder messages from PostgreSQL backend in the log.
; Recording can only be done when pgsql.ignore_notice=Off.