PHP Security: Limit Resources Used By Script

How do I control and put limits on php scripts such as maximum execution time of each script and upload file size?

PHP supports the following resource limits directives in php.ini file:

  1. max_execution_time : Maximum execution time of each script, in seconds.
  2. max_input_time : Maximum amount of time each script may spend parsing request data.
  3. memory_limit : Maximum amount of memory a script may consume.

Edit php.ini, enter:
# vi /etc/php.ini
Set up values as follows:

max_execution_time =  30
max_input_time = 30
memory_limit = 40M

Set maximum size of POST data that PHP will accept:

post_max_size = 8M

Set maximum allowed size for uploaded files:

upload_max_filesize = 2M

Turn on or off HTTP file uploads (disallow uploading unless necessary):

file_uploads = Off

Make sure PHP redirects appropriately with the following:

cgi.force_redirect = 0

Disable file requests as fopen calls with the following

allow_url_fopen = Off

Turn on SQL safe mode:

sql.safe_mode = O

Reload Apache web server:
# service httpd reload
OR
Reload lighttpd web server:
# /etc/init.d/lighttpd reload

Was this answer helpful?

 Print this Article

Also Read

CentOS/RHEL Linux: Remove GDM

How do I uninstall a GUI Gnome login system ( GDM ) from my CentOS Linux v5.5 based server? GDM...

nginx: Setup SSL Reverse Proxy (Load Balanced SSL Proxy)

everse proxy is a proxy server that is installed in a server network. Typically, reverse proxies...

How to change the root Password using SSH

Changing your Root Password Using SSH This article will show you how to change the root...

Change Hostname / Reverse DNS (rDNS) / PTR

To change rDNS/PTR/hostname, please perform these steps: Login to the Clients Area; At the...

mod_setenv: Lighttpd Send Custom Headers

How do I add a header to the HTTP request that was received from the client under Lighttpd web...