diff --git a/CMS/Backend/Fpm-Pool.conf-unconfigured b/CMS/Backend/Fpm-Pool.conf-unconfigured index d351741..fce0e68 100644 --- a/CMS/Backend/Fpm-Pool.conf-unconfigured +++ b/CMS/Backend/Fpm-Pool.conf-unconfigured @@ -5,11 +5,20 @@ listen = /var/run/php/phpPHPver-fpm-Backend.sock listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,shell_exec,system -php_admin_value[cgi.fix_pathinfo] = 0 -php_admin_value[max_input_vars] = 10000 -php_admin_value[upload_max_filesize] = 128M -php_admin_value[post_max_size] = 64m -php_admin_flag[allow_url_fopen] = off +php_admin_value[opcache.enable] = 0 +php_admin_value[max_input_vars] = 5000 +php_admin_value[upload_max_filesize] = 256M +php_admin_value[post_max_size] = 16M +php_admin_value[max_input_time] = 15 +php_admin_value[cgi.fix_pathinfo] = 0 +php_admin_value[allow_url_fopen] = Off +php_admin_value[file_uploads] = Off +php_admin_value[open_basedir] = /usr/share/phpmyadmin:/var/lib/phpmyadmin:/etc/phpmyadmin +php_admin_value[session.use_strict_mode] = 1 +php_admin_value[session.cookie_httponly] = 1 +;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict +;HTTPSONLY php_admin_value[session.cookie_secure] = 1 + pm = dynamic pm.max_children = 5 pm.start_servers = 2 diff --git a/CMS/nextcloud/Fpm-Pool.conf-unconfigured b/CMS/nextcloud/Fpm-Pool.conf-unconfigured index 32add02..1a57835 100644 --- a/CMS/nextcloud/Fpm-Pool.conf-unconfigured +++ b/CMS/nextcloud/Fpm-Pool.conf-unconfigured @@ -6,18 +6,36 @@ listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,shell_exec,system php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log -php_admin_value[post_max_size] = 1G +; OPCACHE SETTINGS +php_admin_value[opcache.memory_consumption] = 256 +php_admin_value[opcache.enable] = 0 +php_admin_value[opcache.interned_strings_buffer] = 32 +php_admin_value[opcache.max_accelerated_files] = 50000 +php_admin_value[opcache.max_wasted_percentage] = 5 +php_admin_value[opcache.revalidate_freq] = 0 +php_admin_value[opcache.validate_timestamps] = 1 + +; PERFORMANCE LIMITS +php_admin_value[max_input_vars] = 1000 php_admin_value[upload_max_filesize] = 1G -php_admin_value[memory_limit] = 512M -php_admin_value[apc.enable_cli] = 1 +php_admin_value[post_max_size] = 1G +php_admin_value[max_input_time] = 60 + +; SECURITY php_admin_value[cgi.fix_pathinfo] = 0 -php_admin_value[max_input_vars] = 10000 -php_admin_flag[allow_url_fopen] = off +php_admin_value[allow_url_fopen] = Off +php_admin_value[file_uploads] = on +php_admin_value[open_basedir] = /var/www/DOMAINname/html:/var/run/php/phpPHPver-fpm-SITEname.sock:/var/lib/redis/redis.sock:/proc/meminfo:/proc/cpuinfo:/dev/urandom:/tmp +php_admin_value[session.use_strict_mode] = 1 +php_admin_value[session.cookie_httponly] = 1 +;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict +;HTTPSONLY php_admin_value[session.cookie_secure] = 1 + pm = dynamic -pm.max_children = 120 -pm.start_servers = 12 -pm.min_spare_servers = 6 -pm.max_spare_servers = 18 +pm.max_children = 30 +pm.start_servers = 2 +pm.min_spare_servers = 1 +pm.max_spare_servers = 5 chdir = / env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin diff --git a/CMS/nextcloud/conf.sh b/CMS/nextcloud/conf.sh index 83c3c69..53dc706 100644 --- a/CMS/nextcloud/conf.sh +++ b/CMS/nextcloud/conf.sh @@ -1,6 +1,6 @@ #PHP Pool wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/nextcloud/Fpm-Pool.conf-unconfigured -O /etc/php/"$phpver"/fpm/pool.d/"$sitename".conf -sed -i -e 's/PHPver/'$phpver'/' -e 's/SITEname/'$sitename'/' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf +sed -i -e 's/PHPver/'$phpver'/' -e 's/SITEname/'$sitename'/' -e 's/DOMAINname/'$domain'/' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" diff --git a/CMS/none/Fpm-Pool.conf-unconfigured b/CMS/none/Fpm-Pool.conf-unconfigured index 83c9466..1bc1eb1 100644 --- a/CMS/none/Fpm-Pool.conf-unconfigured +++ b/CMS/none/Fpm-Pool.conf-unconfigured @@ -6,14 +6,34 @@ listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,shell_exec,system php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log +; OPCACHE SETTINGS +php_admin_value[opcache.memory_consumption] = 256 +php_admin_value[opcache.enable] = 0 +php_admin_value[opcache.interned_strings_buffer] = 32 +php_admin_value[opcache.max_accelerated_files] = 50000 +php_admin_value[opcache.max_wasted_percentage] = 5 +php_admin_value[opcache.revalidate_freq] = 0 +php_admin_value[opcache.validate_timestamps] = 1 + +; PERFORMANCE LIMITS +php_admin_value[max_input_vars] = 100 +php_admin_value[upload_max_filesize] = 64 +php_admin_value[post_max_size] = 1 +php_admin_value[max_input_time] = 15 + +; SECURITY php_admin_value[cgi.fix_pathinfo] = 0 -php_admin_value[max_input_vars] = 10000 -php_admin_value[upload_max_filesize] = 128M -php_admin_value[post_max_size] = 64m -php_admin_flag[allow_url_fopen] = off +php_admin_value[allow_url_fopen] = Off +php_admin_value[file_uploads] = Off +php_admin_value[open_basedir] = /var/www/DOMAINname/html +php_admin_value[session.use_strict_mode] = 1 +php_admin_value[session.cookie_httponly] = 1 +;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict +;HTTPSONLY php_admin_value[session.cookie_secure] = 1 + pm = dynamic pm.max_children = 5 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 -chdir = / +chdir = / \ No newline at end of file diff --git a/CMS/none/conf.sh b/CMS/none/conf.sh index ee108b9..b8bea40 100644 --- a/CMS/none/conf.sh +++ b/CMS/none/conf.sh @@ -1,6 +1,6 @@ #Backend PHP Pool wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/none/Fpm-Pool.conf-unconfigured -O /etc/php/"$phpver"/fpm/pool.d/"$sitename".conf -sed -i -e 's/PHPver/'$phpver'/' -e 's/SITEname/'$sitename'/' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf +sed -i -e 's/PHPver/'$phpver'/' -e 's/SITEname/'$sitename'/' -e 's/DOMAINname/'$domain'/' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" diff --git a/CMS/wordpress/Fpm-Pool.conf-unconfigured b/CMS/wordpress/Fpm-Pool.conf-unconfigured index cf00331..d0df2b5 100644 --- a/CMS/wordpress/Fpm-Pool.conf-unconfigured +++ b/CMS/wordpress/Fpm-Pool.conf-unconfigured @@ -5,16 +5,35 @@ listen = /var/run/php/phpPHPver-fpm-SITEname.sock listen.owner = www-data listen.group = www-data php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log -php_admin_value[cgi.fix_pathinfo] = 0 -php_admin_value[post_max_size] = 512M -php_admin_value[upload_max_filesize] = 1G -php_admin_value[memory_limit] = 512M -php_admin_value[max_input_vars] = 10000 php_admin_value[disable_functions] = exec,passthru,shell_exec,system -php_admin_flag[allow_url_fopen] = off +; OPCACHE SETTINGS +php_admin_value[opcache.memory_consumption] = 256 +php_admin_value[opcache.enable] = 0 +php_admin_value[opcache.interned_strings_buffer] = 32 +php_admin_value[opcache.max_accelerated_files] = 50000 +php_admin_value[opcache.max_wasted_percentage] = 5 +php_admin_value[opcache.revalidate_freq] = 0 +php_admin_value[opcache.validate_timestamps] = 1 + +; PERFORMANCE LIMITS +php_admin_value[max_input_vars] = 5000 +php_admin_value[upload_max_filesize] = 128M +php_admin_value[post_max_size] = 32M +php_admin_value[max_input_time] = 30 + +; SECURITY +php_admin_value[cgi.fix_pathinfo] = 0 +php_admin_value[allow_url_fopen] = Off +php_admin_value[file_uploads] = on +php_admin_value[open_basedir] = "/var/www/DOMAINname/html" +php_admin_value[session.use_strict_mode] = 1 +php_admin_value[session.cookie_httponly] = 1 +;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict +;HTTPSONLY php_admin_value[session.cookie_secure] = 1 + pm = dynamic -pm.max_children = 5 +pm.max_children = 20 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 -chdir = / +chdir = / \ No newline at end of file diff --git a/CMS/wordpress/conf.sh b/CMS/wordpress/conf.sh index 2f5a967..2cdf720 100644 --- a/CMS/wordpress/conf.sh +++ b/CMS/wordpress/conf.sh @@ -26,7 +26,7 @@ printf '%s\n' "g/WPsalty/d" a "$WPSalts" . w | ed -s /var/www/"$domain"/html/wp- #PHP Pool wget -q -t7 "$repo"/raw/branch/"$branch"/CMS/wordpress/Fpm-Pool.conf-unconfigured -O /etc/php/"$phpver"/fpm/pool.d/"$sitename".conf -sed -i -e 's/PHPver/'$phpver'/' -e 's/SITEname/'$sitename'/' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf +sed -i -e 's/PHPver/'$phpver'/' -e 's/SITEname/'$sitename'/' -e 's/DOMAINname/'$domain'/' /etc/php/"$phpver"/fpm/pool.d/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename"