PHP Config Help Please

Hello all! My current Server environment report is as follows:

PHP version 7.3.13
MySQL version 10.2.30 (10.2.30-MariaDB-log-cll-lve)
PHP post_max_size 512M
PHP upload_max_filesize 512M
PHP max_input_vars 8000
PHP max_execution_time 120

cURL version 7.62.0
SSL version OpenSSL/1.0.2k
Suhosin enabled No
Imagick support Yes
EXIF support Yes
GZip support Yes
mbstring support Yes
gmp support Yes
ZipArchive support Yes

1) What would be the best values to set that are bold? These are just my hosting company's default values. Would they cause a security risk being set to high?
2) What is the best PHP versions to use? I can also set it to PHP 7.4.
3) Should I/do I need to enable allow_url_fopen in my PHP options via cPanel? It says "Allow PHP file functions to retreive data from remote locations of FTP or HTTP. This option is a great security risk, thus do not turn it on without necessity!"

Any help or advice from you guys it much appreciated! Thank you! :)
 

JonathanW

Well-known member
They all look fine to me except maybe "upload_max_filesize". I don't think you really want people uploading 500M files to your forum, though as long as it's lower in XF itself you're fine there. Something like 20-30M is still high, but a lot more reasonable.
 
They all look fine to me except maybe "upload_max_filesize". I don't think you really want people uploading 500M files to your forum, though as long as it's lower in XF itself you're fine there. Something like 20-30M is still high, but a lot more reasonable.
Thanks Jonathan! I'll lower it, that makes sense to me :)(y) What about using PHP7.4 and allow_url_fopen?
 
Last edited:

djbaxter

Well-known member
Thanks for the reply! So allow_url_fopen is indeed safe to turn on? Is it required?

I just see the latest update for XenForo recomends PHP 7.3.x (y) :)
It's recommended if you want Xenforo to unfurl links.

Example: I type https://xenforo.com and unfurl does this:

 
Top