MultiPHP INI Editor for WHM
Valid for versions 82 through the latest version
Version:
82
Last modified: 2025 March 11
Looking for this interface?
Your hosting provider can enable or disable this interface for resellers in WHM's Edit Reseller Nameservers and Privileges interface (WHM >> Home >> Resellers >> Edit Reseller Nameservers and Privileges).
Overview
This interface allows you to configure file directives for a PHP version. These directives control how that version of PHP behaves - for example, whether it limits scripts’ abilities to access or execute local files. You can configure basic directives in the Basic Mode tab of this interface, or add new directives in the Editor Mode tab.
cPanel users can view information about the server’s PHP configuration in cPanel’s MultiPHP INI Editor interface (cPanel » Home » Software » MultiPHP INI Editor).
MultiPHP INI Editor
Basic Mode
The Basic Mode section of this interface loads the directive values from the php.ini file for the version of PHP that you select from the Configure basic settings of a PHP version menu. The following basic directives are available if the selected version of PHP supports them:
| Directive | Description | Default value |
|---|---|---|
allow_url_fopen |
This directive determines whether PHP scripts can use URL-aware fopen wrappers. |
Enabled |
allow_url_include |
This directive determines whether PHP scripts can use URL-aware fopen wrappers with the following functions:
Note:
This directive was deprecated in PHP 7.4.
|
Disabled |
asp_tags |
This directive determines whether PHP scripts can use ASP-like tags in addition to PHP tags.
Note:
|
Disabled |
display_errors |
This directive determines whether PHP displays errors as output or hides them from the user. | Disabled |
enable_dl |
Select whether scripts can call the dl function. This function dynamically loads a PHP extension at runtime.
Warning:
If you set this directive to Enabled, it poses security risks to your server. We strongly recommend that you select Disabled unless you absolutely require the
dl function.
|
Disabled |
file_uploads |
This directive determines whether your PHP scripts can upload HTTP files. | Disabled |
magic_quotes_gpc |
Select whether PHP automatically escapes certain characters with a backslash (\).
Note:
This directive was deprecated in PHP 5.3.
|
Disabled |
max_execution_time |
This directive determines the maximum amount of time, in seconds, that your server allows a script to run before your server terminates it. You can use this directive to limit the amount of memory that poorly-written scripts can use. | 30 |
max_input_time |
This directive determines the maximum amount of time, in seconds, that your server allows a script to parse input data. | -1 |
max_input_vars |
This directive determines the maximum number of input variables per request. Use this directive to deter Denial of Service (DoS) attacks that use hash collisions on input variable names. | 1000 |
memory_limit |
This directive determines the maximum amount of memory, in bytes, that scripts can allocate. This directive helps prevent poorly-written scripts from consuming too much memory.
Note:
Use the character
M to define the limit in megabytes.
|
cPanel & WHM adjusts this setting at the time of install, based on system memory:
|
post_max_size |
This directive determines the maximum size of post data that the system allows, in bytes. This directive affects file uploads.
Note:
|
8M |
register_globals |
This directive determines whether GET or POST input converts into variables that the script can use.
Note:
This directive was deprecated in PHP 5.4.
|
Disabled |
safe_mode |
This directive determines whether to enable safe mode. Safe mode increases security for PHP scripts and enables user, group, and environment checks and controls.
Note:
This directive was removed in PHP 5.4.
|
Disabled |
session.save_path |
This directive determines the directory where your server stores the files that PHP creates. To learn more about this directive, read the PHP session files section below. | NULL |
session.gc_maxlifetime |
This directive determines the maximum amount of time, in seconds, for the lifetime of a session file. If a session lasts longer than the session.max_lifetime, the system marks it for deletion the next time that it performs a session cleanup. Each version of PHP that you install on the system uses this setting. To learn more about this directive, read the PHP session files section below.
Note:
Session files can exist on the filesystem for longer than the
session.max_lifetime setting. Because session cleanup occurs every 30 minutes, a session file could exist for up to its session.max_lifetime value plus 30 minutes.
|
1440 (24 minutes) |
session.gc_probability |
Because a cron job cleans up the session files, the system does not require this setting. If you enable this setting, PHP will attempt to delete expired files. This will fail. | 0 |
session.gc_divisor |
Because a cron job cleans up the session files, the system does not require this setting. If you enable this setting, PHP will attempt to delete expired files. This will fail. | 0 |
upload_max_filesize |
This directive determines the maximum file size for an upload, in bytes.
Note:
Use the character
M to define the limit in megabytes.
|
2M |
zlib.output_compression |
This directive determines whether to transparently compress pages when the browser sends an Accept-Encoding: gzip or deflate header. |
Disabled |
Make your changes to the desired directives and click Save.
The system saves the settings to the /opt/cpanel/<your_php_package>/root/etc/php.ini file, where <your_php_package> represents the name of the PHP package that contains the .ini file that you wish to edit.
PHP session files
The system saves PHP session files in the /var/cpanel/php/sessions directory by default, though you can update this path with the session.save_path directive. EasyApache 4 automatically creates subdirectories based on your server’s existing version of PHP. If multiple versions of PHP exist on the system, a subdirectory exists for each version of PHP.
PHP cleans up files that have existed longer than the session.gc_maxliftime directive with the clean_user_php_sessions script. You also run this script yourself.
Do not change the session.save_path directive to the /tmp directory or a directory that other users or programs use. If you change the session.save_path setting’s value to another directory, the system will change the directory’s permissions to 1733. 1733 permissions allow the following file actions:
- The file owner can read, write, and execute files.
- Users who don’t own the file can write and execute, but cannot read files.
This will likely break other programs’ functionality.
If you must use the /tmp directory for your PHP session files, create a subdirectory under the /tmp directory to save them.
Editor Mode
- Exercise extreme caution when you make changes in this interface, because errors could result in non-functional PHP scripts. Only advanced users should use this interface.
- Do not use the following reserved terms as directives:
nullyesnotruefalseonoffnone
- Directives cannot contain any of the following special characters:
?,{},|,&,~,!,[,(),^, or". - The following values set the directive value to
"":null,off,no, andfalse. - The following values set the directive value to
1:on,yes, andtrue. - To learn more about what directives are available for your PHP version, search the php.net documentation.
The Editor Mode section of this interface loads the contents of the php.ini file for your selected version of PHP. Make your changes to the desired directives and click Save.
The system saves the settings to the /opt/cpanel/<your_php_package>/root/etc/php.ini file, where <your_php_package> represents the name of the PHP package that contains the .ini file that you wish to edit. The interface attempts a rudimentary validation of directive names to ensure that they follow the proper format. This does not guarantee that your PHP installation will function.
To reset your PHP settings to default values, delete the PHP version’s php.ini file.