PHP php.ini file in the public root directory? it's safe enough

Question

PHP php.ini file in the public root directory? it's safe enough

I heard when you want to change php.ini settings, when you do not have access to php.ini at the root level, which you can upload php.ini to the web root, is that right?

Another way to configure PHP settings is to create a file with a name php.iniand upload it to your web server. This works similar to a file .htaccess, except that you do not need to add "php_value" at the beginning of the line

if this is correct, it means that anyone who prints

www.xx.com/php.ini

should see the settings? Isn't that a security risk?

+5

php

mahen3d Sep 06 '12 at 7:02

source share

3 answers

Anirudh Ramanathan · Answer 1 · 2012-09-06T07:05:32+0000

I would like to use ini_set instead of placing php.ini there.

, .htaccess. -

<Files php.ini>
Order allow,deny
Deny from all
</Files>

- www.xx.com/php.ini

Bashevis · Answer 2 · 2012-09-06T07:06:32+0000

, . , php.ini, .htaccess, .

Rich bradshaw · Answer 3 · 2012-09-06T07:04:50+0000

I would either use .htaccess if in Apache, or if I had to use php.ini, use .htaccess to protect it.

PHP php.ini file in the public root directory? it's safe enough

More articles: