PHP Settings?


#1

Where can I go to view the PHP Settings for my host?


#2

Create a page called (say) info.php containing the following line;

<?php phpinfo() ?>

Browse to this page and you will see your current PHP configuration details.

Mark


Save [color=#CC0000]$50[/color] on DreamHost hosting using promo code [color=#CC0000]PRICESLASH[/color] ( Click for promo code details )


#3

http://php.dreamhosters.com/


Get [color=#CC0000]$97[/color] Off with promo code :[color=#CC0000]97USD[/color] :cool: choose your plan


#4

ok, i created the php file in notepad and saved to my web root. for some reason the page just displays the code, can u tell me what i did wrong.


#5

make sure the file has the filetype of “.php”…

–rlparker


#6

Do you have Windows configured to hide known file extensions? By default it is set this way and Notepad would actually save the document as “info.php.txt” unless you select “All File Types” and put “info.php” in quotes.

I can think of no other reason this would be happening.


#7

you can also change the setting by DH --> Manage Domain --> Edit Web Hosting. To see your PHP setting, use PHP code phpinfo

Save [color=#CC0000]$97[/color] (max discount) on dreamhost by using promo code: [color=#CC0000]97MONEY[/color].


#8

I saved the file type like you said and uploaded the new version. check out the url to see the result:

my first php reference. LOL


#9

Good Job! But now that you have accomplished that, you should understand that, while the basic PHP configuration information for default DH PHP installations is readily available, good security practice requires that you not make the output of your installed phpinfo() publicly available.

This is because “raw” system paths are displayed, which advertise potential vectors for “black hat” vandals to use in attacking your directories, and that can lead to your server being exploited.

There are lot’s of ways you can “protect” this information, but until you learn your way around, probably the easiest method is to just rename your “info.php” file to something that will not be executed by the web server when someone browses to it (for instance “info.txt”). A visitor viewing “info.txt” will only see the “phpinfo()” command, and know what it is for, but will not be able to execute it and discover your full system paths. You can always name it back to “info.php” and view it yourself if you need to see the output; just rename it again when you are done. Just a tip! :wink:

As you become more experienced with the way the server handles pages and the security that is available to you, you can do other things, like putting the “info.php” file in a password-protected directory (via .htaccess - See Control Panel–>Goodies–>.htaccess/ webdav), but for now, you should just know that you should not leave it publicly visible in that form.

–rlparker


#10

This will not show the PHP configuration details for the original posters server, which is what he wanted to know. The PHP configuration can and does vary between domains.

Mark


Save [color=#CC0000]$50[/color] on DreamHost hosting using promo code [color=#CC0000]PRICESLASH[/color] ( Click for promo code details )