LLMpediaThe first transparent, open encyclopedia generated by LLMs

php.ini

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: OPcache Hop 4
Expansion Funnel Raw 85 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted85
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
php.ini
Namephp.ini
Titlephp.ini
AuthorRasmus Lerdorf
DeveloperPHP Group
Released1995
Latest release versionconfiguration file for PHP
Programming languageC (programming language)
Operating systemUnix-like; Microsoft Windows
LicensePHP License

php.ini is the primary configuration file used by the PHP interpreter to control runtime behavior for Apache HTTP Server modules, NGINX, Microsoft IIS, and command-line interface invocations on systems such as Debian, Ubuntu, Red Hat Enterprise Linux, Fedora, CentOS, Alpine Linux, and Windows Server. It centralizes directives affecting extensions like PDO (PHP Data Objects), mysqli, curl, and GD (software) and interacts with systems such as Docker, systemd, SELinux, and AppArmor to shape deployment characteristics.

Overview

php.ini is parsed by the Zend Engine at startup to set configuration options including error handling, resource limits, extension loading, and input/output behavior. Administrators and developers tune settings that influence frameworks like Laravel (web framework), Symfony (web framework), Drupal, WordPress, Joomla!, and runtime libraries such as Composer (software). The file format is line-oriented with sections and key-value assignments; values can be overridden at runtime via directives in server APIs such as FastCGI, per-directory files like .htaccess, or environment managers like PHP-FPM pools.

Configuration directives

Directives fall into categories: error and logging (e.g., display_errors, log_errors), resource management (max_execution_time, memory_limit), file uploads (upload_max_filesize, post_max_size), data handling (default_charset, mbstring.func_overload), session management (session.save_path, session.cookie_httponly), extension control (extension=, zend_extension=), and date/time (date.timezone). These interact with libraries and services such as OpenSSL, SQLite, MySQL, PostgreSQL, Redis, Memcached, and APIs like SOAP (Simple Object Access Protocol), XML-RPC. Directive values can be booleans, integers, strings, or arrays, and many are scanned by the PHPUnit test-suite and runtime checks in opcache and xdebug when present.

File locations and loading order

On Linux distributions managed by packages from Debian or Red Hat, system-wide php.ini typically lives in /etc/php/*/cli or /etc/php/*/fpm; Windows installations place it in the PHP installation directory (e.g., C:\PHP). The interpreter locates php.ini using compile-time defaults in the phpinfo() output, with search order influenced by environment variables such as PHPRC, server binary working directory when launched by systemd units or IIS worker processes, and SAPI-specific locations for Apache HTTP Server modules vs PHP-FPM. Additional configuration is frequently provided through conf.d directories containing files named like 20-extension.ini, which obey lexical ordering similar to the include mechanisms in GNU libc and systemd drop-in snippets.

Editing and best practices

Back up the live php.ini before changes and prefer small, incremental edits. Use version control systems such as Git to track changes and tie edits to issue trackers like Jira or Redmine and CI pipelines in Jenkins or GitLab CI/CD. Validate modifications with php -i and php -m, and test with web servers like Apache Tomcat (proxying), NGINX Unit, or scripted test harnesses using Behat and Selenium (software). For multi-environment deployments, follow twelve-factor principles and store environment-specific overrides in Consul (software), Vault (software), or through orchestration tools like Kubernetes ConfigMaps and Ansible playbooks.

Security and performance considerations

Security-sensitive directives include disable_functions, open_basedir, allow_url_fopen, and session.cookie_secure; they reduce attack surface against vulnerabilities reported to CVE and monitored by teams such as CERT Coordination Center and vendors like Red Hat. Performance tuning often involves opcache settings, realpath_cache_size, and memory_limit adjustments to support application stacks running Composer (software)-managed dependencies and ORMs connecting to Doctrine (PHP) or Eloquent (Laravel). In containerized environments, coordinate resource limits with cgroups and scheduling policies in Kubernetes and use observability tooling from projects like Prometheus and Grafana to detect regressions. Hardened deployments combine TLS configuration from Let's Encrypt or enterprise CAs, process isolation with chroot or user namespaces, and runtime mitigations like Address Space Layout Randomization provided by kernels such as Linux kernel.

Troubleshooting and diagnostics

Use php -v, php -i, and php --ini to confirm the active configuration file and loaded extensions; consult phpinfo() output served from a controlled endpoint for environment-specific values. When debugging memory or execution limits, review system logs via rsyslog or journald and webserver logs from Apache HTTP Server or NGINX access/error logs. For extension failures, inspect build tools like autoconf and make and package managers such as APT and YUM/DNF; trace issues with debuggers like gdb or analyzers such as Valgrind and use profilers like XHProf or Blackfire.io for performance hotspots.

Category:PHP