Page tree
Skip to end of metadata
Go to start of metadata

For cPanel & WHM version 66

(Home >> Service Configuration >> PHP Configuration Editor)


The PHP Configuration Advanced Editor includes all PHP configuration options that are available for your version of PHP.

Directives List

You should exercise extreme caution when changing any of the values as this could result in non-functioning PHP scripts.

Click Save after you make your changes.

This is not an exhaustive list; please consult the PHP documentation above for more information.

extension_dirAssigns a directory for PHP extensions. These extensions contain functions that a PHP script can call when your server executes it
include_pathLists a path or paths where your PHP functions will look for files when a script calls certain functions. You can separate the directory paths with a colon (:) in a *nix system or a semicolon (;) in the Windows® environment. (For example: .:/example/path1:/example/path2)
file_uploadsDescribes whether HTTP file uploads are possible for your PHP scripts. Select Off to disallow file uploads or On to allow them. This directive defaults to On.
asp_tagsAllows PHP scripts to use ASP-like tags in addition to the usual tags. This includes the variable-value printing shorthand of <%= $value %>.
memory_limitLimits the amount of memory that scripts can allocate, described in bytes. This aids in preventing poorly written scripts from using too much memory. Use the character ‘M’ to define the limit in Megabytes. (For example: 32M limits the allocation of memory to 32 Megabytes - the default setting.)
post_max_sizeSpecifies how much data your server allows PHP to take from a user via post requests through Apache.

This defines whether or not your server allows the following variables to be defined as global: Environment, GET, POST, Cookie, and Server. Global variables are accessible at every level of the application. Select Off or On. This directive defaults to Off


This is a deprecated feature that, if you enable it, poses serious security risks for your server. We strongly recommend that you leave this directive set to Off

upload_max_filesizeDefines the maximum file size for an upload in bytes. Use the character ‘M’ to define the limit in Megabytes. (For example: 2M limits the file size to two Megabytes — the default setting.)
upload_tmp_dirSpecifies the directory for storing temporary files that users upload through PHP.
display_errorsSelects whether to display errors that occur during the execution of a PHP script. If you enable this feature, it may expose your server to some security risks. When your server displays the error information, an attacker can view valuable information about the error. In most cases this option should be left disabled. Use log_errors and error_log instead.
error_logDefines the path to the error log file. You should use this log file to check errors rather than using display_errors.
error_reportingDefines the level of error that your server records.
log_errorsSelects whether to log the errors that occur when your server executes a PHP script. This is preferable to, and more secure than, display_errors.
allow_url_fopenEnables or disables the fopen() function. This function is responsible for accessing remote files. We do not recommend that you enable fopen() due to the security risk.
max_execution_timeDefines, in seconds, the maximum amount of time that your server allows a script to run before your server terminates it. This feature prevents excessive CPU usage on your server by poorly written scripts. This directive defaults to 30.
disable_functionsAllows you to disable PHP functions that you do not want enabled on your server. To use this feature, enter the function name separated by a comma ( ,). (Example: function1, function2...Safe Mode does not affect this feature.
max_input_timeDefines the maximum amount of time, in seconds, your server allows a script to parse input data. This directive defaults to 60.

If you set this directive to On, it allows users to employ the dl function in their scripts, which dynamically loads a PHP extension at runtime. 


If you set this directive to On , it poses security risks to your server. We recommend you turn it Off unless it is absolutely necessary that you enable it.

safe_modeThis feature prevents the execution of a PHP script by a user that does not own the script. For example, if the user cPanel1 owns example.php, your server will not allow a user known by another alias to execute example.php.


Do not edit this optionApache configures the open_basedir option.

safemode_includedirDefines a directory that safe_mode does not affect. You should add your PEAR and PECL libraries to this directory. You should add your PEAR and PECL libraries to this directory.
session.save_pathDefines the path where your server stores files created by PHP. If you use the default handler, the default value is /tmp.


Do not enable this feature unless absolutely necessary. This will prevent users who do not own the database from accessing the database. The net effect will be the failure of many programs and applications, such as shopping carts or content managers, that access databases for normal operation.

Additional documentation