Security for PHP

Video Transcript

In this class, we’re going to look at some of the security related PHP settings that you might have access to, or after going through this class, you’ll at least know what to ask your hosting service.

If you do not have access to these. Now, these will be located within your control panel. And in this class, I’m going to demonstrate this using cPanel, as well as direct admin, just for comparison purposes. Now, since this class deals with items after you’ve installed WordPress, before you do most any of these items, make sure that you have a fresh full backup of both your database and your WordPress files, you know, just in case. Now before we go any further and log into our control panels, I want to show you how you can check from within your WordPress site, what your current version of PHP is, I’ve already logged into my admin area here, go to the dashboard. And we want to go into tools and the site health.

And if you are working on a lower than recommended version of PHP, it’s going to show up here in your recommended improvements. And right here it is, it shows me the version that I’m currently working in. And if we click on this, it will tell us what the minimum recommended version is currently, at the time that you were taking this class, these numbers might be different. And of course, if you want to learn more about updating PHP, we got a link here for you. That takes you to the support section of wordpress.org. And here’s the site I’m going to use to demonstrate the direct admin control panel. and here also, I’ve logged into my admin dashboard. Let’s go to the site health section here under Tools. And I’ve got an even older version here.

But the same thing, it tells you the current version at the time that you’re checking out this class, the current version of PHP, you should be using it, let’s go and check this out to one or more recommended modules are missing. This deals also with PHP. So let’s put a pin in this file info in imagick. We’ll see if we can fix this Also, while we’re in the PHP section of direct admin. So let’s go into cPanel. First, you will head to the software section. And in my cPanel control panel, that’s where the Select PHP version is that quote and click on that. And if you want, go ahead and get a screen grab of all of these items here that are listed in the extensions before you make any changes that way in case you have to come back and double check to make sure you’ve got all the original items checked in case you have to revert to the original PHP version, you know, in case something breaks, whenever you update it, if you have a screen grab of these, then you’ll know which ones needed to be checked, just in case.

So we hit the drop down here and at the time of this class, and we can see here the current stable version. Now in some control panels, you might have a higher numbers listed with beta in parentheses, you don’t want to mess with those. Let’s go ahead and use the maximum, I’m going to select that one, then click on Set as current and then go back into our site. And if we refresh, okay, we’ve got something else here with performance. This has to do with PHP, I believe that’s in the options or Settings section, the settings for post max size is smaller than the upload MAX SIZE. Okay, so let’s head on back over here to cPanel. And that’s under options.

It might say settings, go into options. And post size, we’ll just up that to 256. And in here, there’s nothing to save, so long as you get to the green notice and not an orange or red. Notice you’re in good shape. Going back to our site, refresh. And that’s gone. So we’re good to go. Now, let’s head on over to direct admin, which is just like cPanel insofar as it’s a control panel, but it has pretty much all the same stuff only they’re different looking. So we want to come on down here. And in the extra features section. Look for a select PHP version, go ahead and click on that open it. And here we have the extensions.

And then over here we have this settings, which is the same thing as options in cPanel. And we’ve got the file info missing and the imagick. Where’s that at here, right here. So let’s go ahead and change or update the PHP version first, because a lot of times that will in and of itself, fix those extensions that are missing. Also under Settings. We want to upgrade the upload max file size from two Meg’s to either 128 or 256. We also want to make sure that the log errors are toggled on. We’ll get back to this here in a bit. Let’s come on back to the extensions. Hit the drop down and go from the current to the maximum available stable version right now.

You see it automatically too. File info. And what about imagick? Yep, enter did that one also. So just by updating the PHP version, a lot of times those missing modules or extensions will automatically be added. Go and click on Set as current. See, right, there’s a current one. There we are. Double check to make sure they’re still ticked. Yep, we’re good. And if not, then just tick those boxes, and then click on Save. Now let’s go into the settings. You see the upload max file size automatically updated itself. Log errors are still on. So we’re good. And if you did have any changes in here you needed to make Be sure to click on Save. Let’s go back into our site. And let’s do a quick refresh. And we’re good. Fantastic. Now back in cPanel. Here is the log errors.

This is what you want to make sure that you have checked because it’s possible that the default setting is not checked. Well, that’s going to bring us to the end of this class on updating your PHP version for better site performance and security. Thanks for checking it out and you have a great day.