HSTS or HTTP Strict Transport Security provides an extra layer of security for HTTPS (SSL / TLS) traffic by preventing HTTPS connections from being downgraded to HTTP, which is …
Read More
DocumentRoot defines the folder for which the content of your website is located in the server. You can set the value in the main configuration for the default website …
Read More
Maximum upload file size for PHP is bound to the lowest value of both post_max_size and upload_max_filesize directives in your configuration. post_max_size affects maximum file upload size as file upload is normally an HTTP POST operation.
post_max_size
Maximum size of POST data that PHP will accept.
Its value may be 0 to disable the limit.
It is ignored if POST data reading is disabled through enable_post_data_reading.
upload_max_filesize
Maximum allowed size for uploaded files.
You can update your PHP configuration file for these two directives to the values that fit your requirement and then restart your web server.
The following example allows for file upload of not more than 200MB.
post_max_size = 200M upload_max_filesize = 250M
Alternatively, you can add the following lines in your .htaccess and the setting will apply to scripts from within the .htaccess‘ directory.
php_value upload_max_filesize 200M php_value post_max_size 250M
Restart Apache for the changes to take effect.
PHP scripts are only allocated a certain amount of memory that it can use, and whet it reaches the limit, it will produce the following error;
PHP Fatal error: Allowed memory size of xxxx bytes exhausted (tried to allocate yyyy) in yourscript.php
To fix this, you’ll need to increase the memory limit for PHP scripts using any of the following methods;
SSH is by default configured to allow password login. You can disable password authentication if you’re in favour of public key authentication by following these steps;
PasswordAuthentication to no in /etc/ssh/sshd_config
PasswordAuthentication no
SSH
Apache‘s reverse proxy is an act of an Apache webserver providing content from other webserver transparently. This is useful in many instances such as caching and mirroring, but it’s mostly used to serve websites that are hosted behind NAT or a firewall. A reverse proxy server routes connection addressed to the internal server, and the client sees the reverse proxy server itself as the origin server.
For example, Apache can be configured to serve URL‘s such as http://www.example.com/webapp to actually get the content from http://192.168.0.10/myapp, which is hosted from an internal network. This happens transparently and the user initially requesting http://www.example.com/webapp need not to be aware of what happens in the background.
Certain SSH server is configured to not allow root login mainly due to security and audit reason. You can disallow root login to your server with these simple steps;
PermitRootLogin to no in /etc/ssh/sshd_config
PasswordAuthentication no
SSH
You can make your SSH server to run on multiple ports by adding more of the Port options in your SSHd the configuration file.
For example, having these lines in /etc/ssh/sshd_config will make the SSH server to run on both port 22 and 2222.
Port 22 Port 2222
You’ll need to reboot your SSH server after making the change.
You could get the following warning if timezone is not configured for PHP when using date related function such as date() or date_default_timezone_get().
Warning: date(): It is not safe to rely on the system’s timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone ‘UTC’ for now, but please set date.timezone to select your timezone. in /path/to/your/script.php on line 3
You can configure timezone for PHP by setting up date.timezone in your configuration file to any of the supported timezones. You can view the list of supported timezones from PHP‘s official documentation.
The following example sets the timezone to America/Los_Angeles
[Date] ; Defines the default timezone used by the date functions ; http://php.net/date.timezone date.timezone = America/Los_Angeles
If you’re using PHP 5.1.0 or later, you can you can independently set the timezone for each of your PHP script by calling the date_default_timezone_set function with the timezone as the parameter.
bool date_default_timezone_set ( string $timezone_identifier )
The example below sets the timezone for the rest of the script to America/Los_Angeles.
<?php date_default_timezone_set('America/Los_Angeles'); ?>
Don’t forget to restart your webserver after changing the PHO configuration file for the changes to take effect.
