php.ini Einstellungen für PHP auf Windows

Für alle die ab und an php auf windows manuell einrichten und sich fragen welche settings man nochmal am besten in der php.ini Datei machen sollte.




Disable safe mode


Restrict where PHP processes can read and write on a file system.


Hide presence of PHP


Limit script execution time


Limit memory usage and file sizes


Configure error messages and logging. You can set display_errors=On for developer machine on a server you should turn it off.

Make sure the IIS application pool identity has write access to the log file.


This setting disables register_globals, which prevents PHP from injecting your scripts with global variables that are defined based on Web request data.


Sets max size of post data allowed. This setting also affects file upload.


This setting specifies a location for PHP extensions. Typically for PHP 5.2.x,you use the following values for this setting: extension_dir="./ext" -or- extension_dir="C:\Program Files\PHP\ext"


You must turn this off under IIS. Left undefined, PHP will turn this on by default. IIS takes care of CGI handling.


This provides PATH_INFO/PATH_TRANSLATED support for CGI. The previous behavior of the PHP CGI module was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to ignore the PATH_INFO setting. For information about PATH_INFO, see the CGIspecification. Changing this setting to 1 causes the PHP CGI to fix its paths toconform to the specification.


FastCGI under IIS supports the ability to impersonate security tokens of the calling client. This setting allows IIS to define the security context that the request runs under. |


A PHP request to the IIS FastCGI module will fail if any data is sent on stderr by using the FastCGI protocol. DisablingFastCGI logging prevents PHP from send- ing error information over stderr, whichprevents the Web server from sending HTTP 500 response codes to the client.


The temporary directory used for storing files when doing file upload. Must be writable by whatever user PHP is running as. If not specified PHP will use the system's default (%systemroot%\temp).

Sample: upload_tmp_dir="C:\php\tmp"


Disable remote URLs for file handling functions, which may cause code injection vulnerabilities.


The default timezone used by all date/time functions if the TZ environment variable isn't set. The precedence order is described in the date_default_timezone_get() page. See List of Supported Timezones for a list of supported timezones.

Annot: Seen this to cause http 500 errors on iis via fastcgi if missing. Sample value e.g. date.timezone = "Europe/Berlin"


session.save_path defines the argument which is passed to the save handler. If you choose the default files handler, this is the path where the files are created. This directory must not be a world-readable directory (i.e. don't publish via WWW)

Sample: session.save_path ="C:\php\session"