Good afternoon everybody, i've been using ISPConfig for a while and i've even bought the user manual but only today i've discovered something i don't understand well. If i make some customization in the global php.ini of my server (/etc/php5/apache2/php.ini) and i also make some customizations in the website's one (/var/www/conf/web1/php.ini), which one is going to "win"? I mean, if in the global php.ini i've got "upload_max_filesize = 50M" but in the website's php.ini i haven't changed "upload_max_filesize", so i should have the default value (2M), what is actually going to be the upload_max_filesize for that site? 50M or 2M? I've made a couple of tests and it looks like the website's one wins against the global one: i was having problem installi a Joomla component because it was larger than 2M and solved inserting "upload_max_filesize = 50M" in the website's php.ini too. I already had it in the global one but it didn't work. Is it like this that ISPConfig works? Is there a way to configure things so that every website inherits the customizations from global php.ini, but also has all the customizations you write in the website's php.ini section of ISPConfig? If i leave the website's php.ini section blank, does the site inherits the global php.ini customizations? Thanks! Best regards.
Site PHP "wins" VS Global PHP And of course if site php is blank it apply the global PHP This is how it works and its the logical behaviour
Thanks! I'm asking that because i've made a couple of tests and i've tried leaving blank the site PHP and, nevertheless, i couldn't upload more than 2 Mbyte, so i assuemd that the global PHP.ini wasn't working. It worked only when i inserted "upload_max_filesize = 50M" in the site PHP.ini too...
Did you restart apache after changing php.ini? If you do a phpconfig() what is the upload_max_filesize value?
Yes. That what i just did. - Site 01: Inserted "upload_max_filesize = 50M" into the "Custom php.ini settings" field. - Site 02: Deleted everything from the "Custom php.ini settings" field, so that is blank. - I've saved the configuration in ISPConfig - I've reloaded Apache And then i've used phpinfo.php to test the values: - Site 01: upload_max_filesize is 50M - Site 02: upload_max_filesize is 2M So it seems to me that the customizations in the global php.ini are useless, because in the global /etc/php5/apache2/php.ini the upload_max_filesize is 50M.
No, thats notrelated. Neither the order nor number of websites matters for this. Yes, thats how it works. If you have not set a custom php.ini, then the global one is used BUT if you ever used a custom php.ini for that site, then the site gets decoupled from the main php.ini as php cant extend oe inherit a php.ini so ispconfig has to make a fully copy of the php.ini and exted it by adding the custom settings at the end of this new file. and there is one more thing, the php.ini file that you changed (/etc/php5/apache2/php.ini) is for mod_php only. if you want to set the upload site for the recommended php modes dcgi or fpm, then you have to alter the files /etc/php5/cgi/php.ini and /etc/php5/fpm/php.ini as well as there is more then one global php.ini file on Debian and Ubuntu.
That's exactly the point i didn't know! Thank you! "I you ever used a custom php.ini for that site"! So, if i create a new site and i don't ever use the "Custom php.ini" field, the global one should "win". In all the tests i've made, i already had used the custom php.ini field and i just blanked it. I didn't know it :/ Thanks!
Even if you had use the custom php.ini and then blanked it, then it will use the global php.ini. The problem for sure is what till said, you are changing the mod_php php.ini and your site is in cgi mode.
On centos I go with all-stock php.ini, but put all my common configuration options into zz_custom.ini under php.d direcotory. One more thing to consider: if you add custom options for some website, then it get's a copy of global php.ini with added custom options. But if you now modify your global php.ini, the site's php.ini will not get those changes until it is regenerated, which is not to happen on it's own. php.d way solves this.
Because it's a security risk and would allow a client aor a hacker that hacked your wp site to override the settings and limits that the admin has set for this site. If you want to override PHP settings of a site, use the php.ini field on the website options tab.