scottdriscoll/php.ini

## php.ini
[Session]
; Handler used to store/retrieve data.
; http://php.net/session.save-handler
session.save_handler = files

; Argument passed to save_handler.  In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
;
; The path can be defined as:
;
;     session.save_path = "N;/path"
;
; where N is an integer.  Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories.  This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
;         You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
;         use subdirectories for session storage
;
; The file storage module creates files using mode 600 by default.
; You can change that by using
;
;     session.save_path = "N;MODE;/path"
;
; where MODE is the octal representation of the mode. Note that this
; does not overwrite the process's umask.
; http://php.net/session.save-path
;session.save_path = "/var/lib/php5"

; Whether to use cookies.
; http://php.net/session.use-cookies
session.use_cookies = 1

; http://php.net/session.cookie-secure
;session.cookie_secure =

; This option forces PHP to fetch and use a cookie for storing and maintaining
; the session id. We encourage this operation as it's very helpful in combating
; session hijacking when not specifying and managing your own session id. It is
; not the end all be all of session hijacking defense, but it's a good start.
; http://php.net/session.use-only-cookies
session.use_only_cookies = 1

; Name of the session (used as cookie name).
; http://php.net/session.name
session.name = PHPSESSID

; Initialize session on request startup.
; http://php.net/session.auto-start
session.auto_start = 0

; Lifetime in seconds of cookie or, if 0, until browser is restarted.
; http://php.net/session.cookie-lifetime
session.cookie_lifetime = 0

; The path for which the cookie is valid.
; http://php.net/session.cookie-path
session.cookie_path = /

; The domain for which the cookie is valid.
; http://php.net/session.cookie-domain
session.cookie_domain =

; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
; http://php.net/session.cookie-httponly
session.cookie_httponly =

; Handler used to serialize data.  php is the standard serializer of PHP.
; http://php.net/session.serialize-handler
session.serialize_handler = php

; Defines the probability that the 'garbage collection' process is started
; on every session initialization. The probability is calculated by using
; gc_probability/gc_divisor. Where session.gc_probability is the numerator
; and gc_divisor is the denominator in the equation. Setting this value to 1
; when the session.gc_divisor value is 100 will give you approximately a 1% chance
; the gc will run on any give request.
; Default Value: 1
; Development Value: 1
; Production Value: 1
; http://php.net/session.gc-probability
session.gc_probability = 0

; Defines the probability that the 'garbage collection' process is started on every
; session initialization. The probability is calculated by using the following equation:
; gc_probability/gc_divisor. Where session.gc_probability is the numerator and
; session.gc_divisor is the denominator in the equation. Setting this value to 1
; when the session.gc_divisor value is 100 will give you approximately a 1% chance
; the gc will run on any give request. Increasing this value to 1000 will give you
; a 0.1% chance the gc will run on any give request. For high volume production servers,
; this is a more efficient approach.
; Default Value: 100
; Development Value: 1000
; Production Value: 1000
; http://php.net/session.gc-divisor
session.gc_divisor = 1000

; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
; http://php.net/session.gc-maxlifetime
session.gc_maxlifetime = 1440

; NOTE: If you are using the subdirectory option for storing session files
;       (see session.save_path above), then garbage collection does *not*
;       happen automatically.  You will need to do your own garbage
;       collection through a shell script, cron entry, or some other method.
;       For example, the following script would is the equivalent of
;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
;          find /path/to/sessions -cmin +24 | xargs rm

; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope.
; PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning separately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled. This feature
; introduces some serious security problems if not handled correctly. It's
; recommended that you do not use this feature on production servers. But you
; should enable this on development servers and enable the warning as well. If you
; do not enable the feature on development servers, you won't be warned when it's
; used and debugging errors caused by this can be difficult to track down.
; Default Value: On
; Development Value: On
; Production Value: Off
; http://php.net/session.bug-compat-42
session.bug_compat_42 = Off

; This setting controls whether or not you are warned by PHP when initializing a
; session value into the global space. session.bug_compat_42 must be enabled before
; these warnings can be issued by PHP. See the directive above for more information.
; Default Value: On
; Development Value: On
; Production Value: Off
; http://php.net/session.bug-compat-warn
session.bug_compat_warn = Off

; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; considered as valid.
; http://php.net/session.referer-check
session.referer_check =

; How many bytes to read from the file.
; http://php.net/session.entropy-length
;session.entropy_length = 32

; Specified here to create the session id.
; http://php.net/session.entropy-file
; Defaults to /dev/urandom
; On systems that don't have /dev/urandom but do have /dev/arandom, this will default to /dev/arandom
; If neither are found at compile time, the default is no entropy file.
; On windows, setting the entropy_length setting will activate the
; Windows random source (using the CryptoAPI)
;session.entropy_file = /dev/urandom

; Set to {nocache,private,public,} to determine HTTP caching aspects
; or leave this empty to avoid sending anti-caching headers.
; http://php.net/session.cache-limiter
session.cache_limiter = nocache

; Document expires after n minutes.
; http://php.net/session.cache-expire
session.cache_expire = 180

; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
;   to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
;   in publicly accessible computer.
; - User may access your site with the same session ID
;   always using URL stored in browser's history or bookmarks.
; http://php.net/session.use-trans-sid
session.use_trans_sid = 0

; Select a hash function for use in generating session ids.
; Possible Values
;   0  (MD5 128 bits)
;   1  (SHA-1 160 bits)
; This option may also be set to the name of any hash function supported by
; the hash extension. A list of available hashes is returned by the hash_algos()
; function.
; http://php.net/session.hash-function
session.hash_function = 0

; Define how many bits are stored in each character when converting
; the binary hash data to something readable.
; Possible values:
;   4  (4 bits: 0-9, a-f)
;   5  (5 bits: 0-9, a-v)
;   6  (6 bits: 0-9, a-z, A-Z, "-", ",")
; Default Value: 4
; Development Value: 5
; Production Value: 5
; http://php.net/session.hash-bits-per-character
session.hash_bits_per_character = 5

; The URL rewriter will look for URLs in a defined set of HTML tags.
; form/fieldset are special; if you include them here, the rewriter will
; add a hidden <input> field with the info which is otherwise appended
; to URLs.  If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
; Default Value: "a=href,area=href,frame=src,form=,fieldset="
; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
; http://php.net/url-rewriter.tags
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

; Enable upload progress tracking in $_SESSION
; Default Value: On
; Development Value: On
; Production Value: On
; http://php.net/session.upload-progress.enabled
;session.upload_progress.enabled = On

; Cleanup the progress information as soon as all POST data has been read
; (i.e. upload completed).
; Default Value: On
; Development Value: On
; Production Value: On
; http://php.net/session.upload-progress.cleanup
;session.upload_progress.cleanup = On

; A prefix used for the upload progress key in $_SESSION
; Default Value: "upload_progress_"
; Development Value: "upload_progress_"
; Production Value: "upload_progress_"
; http://php.net/session.upload-progress.prefix
;session.upload_progress.prefix = "upload_progress_"

; The index name (concatenated with the prefix) in $_SESSION
; containing the upload progress information
; Default Value: "PHP_SESSION_UPLOAD_PROGRESS"
; Development Value: "PHP_SESSION_UPLOAD_PROGRESS"
; Production Value: "PHP_SESSION_UPLOAD_PROGRESS"
; http://php.net/session.upload-progress.name
;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"

; How frequently the upload progress should be updated.
; Given either in percentages (per-file), or in bytes
; Default Value: "1%"
; Development Value: "1%"
; Production Value: "1%"
; http://php.net/session.upload-progress.freq
;session.upload_progress.freq =  "1%"

; The minimum delay between updates, in seconds
; Default Value: 1
; Development Value: 1
; Production Value: 1
; http://php.net/session.upload-progress.min-freq
;session.upload_progress.min_freq = "1"
	[Session]
	; Handler used to store/retrieve data.
	; http://php.net/session.save-handler
	session.save_handler = files

	; Argument passed to save_handler. In the case of files, this is the path
	; where data files are stored. Note: Windows users have to change this
	; variable in order to use PHP's session functions.
	;
	; The path can be defined as:
	;
	; session.save_path = "N;/path"
	;
	; where N is an integer. Instead of storing all the session files in
	; /path, what this will do is use subdirectories N-levels deep, and
	; store the session data in those directories. This is useful if you
	; or your OS have problems with lots of files in one directory, and is
	; a more efficient layout for servers that handle lots of sessions.
	;
	; NOTE 1: PHP will not create this directory structure automatically.
	; You can use the script in the ext/session dir for that purpose.
	; NOTE 2: See the section on garbage collection below if you choose to
	; use subdirectories for session storage
	;
	; The file storage module creates files using mode 600 by default.
	; You can change that by using
	;
	; session.save_path = "N;MODE;/path"
	;
	; where MODE is the octal representation of the mode. Note that this
	; does not overwrite the process's umask.
	; http://php.net/session.save-path
	;session.save_path = "/var/lib/php5"

	; Whether to use cookies.
	; http://php.net/session.use-cookies
	session.use_cookies = 1

	; http://php.net/session.cookie-secure
	;session.cookie_secure =

	; This option forces PHP to fetch and use a cookie for storing and maintaining
	; the session id. We encourage this operation as it's very helpful in combating
	; session hijacking when not specifying and managing your own session id. It is
	; not the end all be all of session hijacking defense, but it's a good start.
	; http://php.net/session.use-only-cookies
	session.use_only_cookies = 1

	; Name of the session (used as cookie name).
	; http://php.net/session.name
	session.name = PHPSESSID

	; Initialize session on request startup.
	; http://php.net/session.auto-start
	session.auto_start = 0

	; Lifetime in seconds of cookie or, if 0, until browser is restarted.
	; http://php.net/session.cookie-lifetime
	session.cookie_lifetime = 0

	; The path for which the cookie is valid.
	; http://php.net/session.cookie-path
	session.cookie_path = /

	; The domain for which the cookie is valid.
	; http://php.net/session.cookie-domain
	session.cookie_domain =

	; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
	; http://php.net/session.cookie-httponly
	session.cookie_httponly =

	; Handler used to serialize data. php is the standard serializer of PHP.
	; http://php.net/session.serialize-handler
	session.serialize_handler = php

	; Defines the probability that the 'garbage collection' process is started
	; on every session initialization. The probability is calculated by using
	; gc_probability/gc_divisor. Where session.gc_probability is the numerator
	; and gc_divisor is the denominator in the equation. Setting this value to 1
	; when the session.gc_divisor value is 100 will give you approximately a 1% chance
	; the gc will run on any give request.
	; Default Value: 1
	; Development Value: 1
	; Production Value: 1
	; http://php.net/session.gc-probability
	session.gc_probability = 0

	; Defines the probability that the 'garbage collection' process is started on every
	; session initialization. The probability is calculated by using the following equation:
	; gc_probability/gc_divisor. Where session.gc_probability is the numerator and
	; session.gc_divisor is the denominator in the equation. Setting this value to 1
	; when the session.gc_divisor value is 100 will give you approximately a 1% chance
	; the gc will run on any give request. Increasing this value to 1000 will give you
	; a 0.1% chance the gc will run on any give request. For high volume production servers,
	; this is a more efficient approach.
	; Default Value: 100
	; Development Value: 1000
	; Production Value: 1000
	; http://php.net/session.gc-divisor
	session.gc_divisor = 1000

	; After this number of seconds, stored data will be seen as 'garbage' and
	; cleaned up by the garbage collection process.
	; http://php.net/session.gc-maxlifetime
	session.gc_maxlifetime = 1440

	; NOTE: If you are using the subdirectory option for storing session files
	; (see session.save_path above), then garbage collection does not
	; happen automatically. You will need to do your own garbage
	; collection through a shell script, cron entry, or some other method.
	; For example, the following script would is the equivalent of
	; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
	; find /path/to/sessions -cmin +24 \| xargs rm

	; PHP 4.2 and less have an undocumented feature/bug that allows you to
	; to initialize a session variable in the global scope.
	; PHP 4.3 and later will warn you, if this feature is used.
	; You can disable the feature and the warning separately. At this time,
	; the warning is only displayed, if bug_compat_42 is enabled. This feature
	; introduces some serious security problems if not handled correctly. It's
	; recommended that you do not use this feature on production servers. But you
	; should enable this on development servers and enable the warning as well. If you
	; do not enable the feature on development servers, you won't be warned when it's
	; used and debugging errors caused by this can be difficult to track down.
	; Default Value: On
	; Development Value: On
	; Production Value: Off
	; http://php.net/session.bug-compat-42
	session.bug_compat_42 = Off

	; This setting controls whether or not you are warned by PHP when initializing a
	; session value into the global space. session.bug_compat_42 must be enabled before
	; these warnings can be issued by PHP. See the directive above for more information.
	; Default Value: On
	; Development Value: On
	; Production Value: Off
	; http://php.net/session.bug-compat-warn
	session.bug_compat_warn = Off

	; Check HTTP Referer to invalidate externally stored URLs containing ids.
	; HTTP_REFERER has to contain this substring for the session to be
	; considered as valid.
	; http://php.net/session.referer-check
	session.referer_check =

	; How many bytes to read from the file.
	; http://php.net/session.entropy-length
	;session.entropy_length = 32

	; Specified here to create the session id.
	; http://php.net/session.entropy-file
	; Defaults to /dev/urandom
	; On systems that don't have /dev/urandom but do have /dev/arandom, this will default to /dev/arandom
	; If neither are found at compile time, the default is no entropy file.
	; On windows, setting the entropy_length setting will activate the
	; Windows random source (using the CryptoAPI)
	;session.entropy_file = /dev/urandom

	; Set to {nocache,private,public,} to determine HTTP caching aspects
	; or leave this empty to avoid sending anti-caching headers.
	; http://php.net/session.cache-limiter
	session.cache_limiter = nocache

	; Document expires after n minutes.
	; http://php.net/session.cache-expire
	session.cache_expire = 180

	; trans sid support is disabled by default.
	; Use of trans sid may risk your users security.
	; Use this option with caution.
	; - User may send URL contains active session ID
	; to other person via. email/irc/etc.
	; - URL that contains active session ID may be stored
	; in publicly accessible computer.
	; - User may access your site with the same session ID
	; always using URL stored in browser's history or bookmarks.
	; http://php.net/session.use-trans-sid
	session.use_trans_sid = 0

	; Select a hash function for use in generating session ids.
	; Possible Values
	; 0 (MD5 128 bits)
	; 1 (SHA-1 160 bits)
	; This option may also be set to the name of any hash function supported by
	; the hash extension. A list of available hashes is returned by the hash_algos()
	; function.
	; http://php.net/session.hash-function
	session.hash_function = 0

	; Define how many bits are stored in each character when converting
	; the binary hash data to something readable.
	; Possible values:
	; 4 (4 bits: 0-9, a-f)
	; 5 (5 bits: 0-9, a-v)
	; 6 (6 bits: 0-9, a-z, A-Z, "-", ",")
	; Default Value: 4
	; Development Value: 5
	; Production Value: 5
	; http://php.net/session.hash-bits-per-character
	session.hash_bits_per_character = 5

	; The URL rewriter will look for URLs in a defined set of HTML tags.
	; form/fieldset are special; if you include them here, the rewriter will
	; add a hidden <input> field with the info which is otherwise appended
	; to URLs. If you want XHTML conformity, remove the form entry.
	; Note that all valid entries require a "=", even if no value follows.
	; Default Value: "a=href,area=href,frame=src,form=,fieldset="
	; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
	; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
	; http://php.net/url-rewriter.tags
	url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

	; Enable upload progress tracking in $_SESSION
	; Default Value: On
	; Development Value: On
	; Production Value: On
	; http://php.net/session.upload-progress.enabled
	;session.upload_progress.enabled = On

	; Cleanup the progress information as soon as all POST data has been read
	; (i.e. upload completed).
	; Default Value: On
	; Development Value: On
	; Production Value: On
	; http://php.net/session.upload-progress.cleanup
	;session.upload_progress.cleanup = On

	; A prefix used for the upload progress key in $_SESSION
	; Default Value: "upload_progress_"
	; Development Value: "upload_progress_"
	; Production Value: "upload_progress_"
	; http://php.net/session.upload-progress.prefix
	;session.upload_progress.prefix = "upload_progress_"

	; The index name (concatenated with the prefix) in $_SESSION
	; containing the upload progress information
	; Default Value: "PHP_SESSION_UPLOAD_PROGRESS"
	; Development Value: "PHP_SESSION_UPLOAD_PROGRESS"
	; Production Value: "PHP_SESSION_UPLOAD_PROGRESS"
	; http://php.net/session.upload-progress.name
	;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS"

	; How frequently the upload progress should be updated.
	; Given either in percentages (per-file), or in bytes
	; Default Value: "1%"
	; Development Value: "1%"
	; Production Value: "1%"
	; http://php.net/session.upload-progress.freq
	;session.upload_progress.freq = "1%"

	; The minimum delay between updates, in seconds
	; Default Value: 1
	; Development Value: 1
	; Production Value: 1
	; http://php.net/session.upload-progress.min-freq
	;session.upload_progress.min_freq = "1"