How do I control and put limits on php scripts such as maximum execution time of each script and upload file size?
PHP supports the following resource limits directives in php.ini file:
- max_execution_time : Maximum execution time of each script, in seconds.
- max_input_time : Maximum amount of time each script may spend parsing request data.
- memory_limit : Maximum amount of memory a script may consume.
Edit php.ini, enter:
# vi /etc/php.ini
Set up values as follows:
max_execution_time = 30 max_input_time = 30 memory_limit = 40M
Set maximum size of POST data that PHP will accept:
post_max_size = 8M
Set maximum allowed size for uploaded files:
upload_max_filesize = 2M
Turn on or off HTTP file uploads (disallow uploading unless necessary):
file_uploads = Off
Make sure PHP redirects appropriately with the following:
cgi.force_redirect = 0
Disable file requests as fopen calls with the following
allow_url_fopen = Off
Turn on SQL safe mode:
sql.safe_mode = O
Reload Apache web server:
# service httpd reload
OR
Reload lighttpd web server:
# /etc/init.d/lighttpd reload
Note any attempt to exceed these limits will result in a "500 Server Error".
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 6 comments… read them below or add one }
The most of these settings can be restricted to specific VirtualHosts. For details
see http://www.php.net/manual/en/ini.list.php and http://php.net/manual/en/configuration.changes.modes.php.
You don’t need to reload lighty, you need to reload php-cgi or php-fpm.
@Juan
When you reload Lighttpd it reload php-fastcgi too.
@vivek, do you personally use ‘vi’ to edit files ???? vi sucks. vim rocks.
BTW, isn’t this very basic ? Somebody who reads the manual well b4 setup, knows this. But its funny that there are ppl who don’t do that LOL.
@others, you may also be interested in this -Apache2, PHP, mod_fastcgi and SuExec
@Nilesh: vi is aliased to vim. On production server I do not install vim and just use whatever is shipped with distro. Less is better :)
@vivek, vi is ok for editing simple config files. but its WORST for editing config files like those of apache. vi cannot highlight whereas vim can.
vi is not always symlinked to vim. in my system (Arch) its linked to ex. and it sucks to core.
I’ve removed it, and set $EDITOR globally to vim. even on my VPS I use vim instead of vi. :)
BTW, where’s the global comment feed ?