php.ini in every folder

I have a php.ini in every folder, defender found 104 of them, is this normal? Do I need them? Should I just delete? Where have they come from?

See attached.

Thanks again

Dan

  • Dimitris

    Hey there Daniel Perry,

    hope you're doing good and thanks for reaching us! :slight_smile:

    These files aren't included in WP core but they may are coming from:
    1. a custom WP installation process
    2. a server setup

    Could you please inform us which is your hosting provider and if you used any auto-installer program -like Softaculous in a cPanel environment- to setup WordPress or did you use the default way (downloading .zip file, extracting it and uploading it to your server).

    As this may also be coming via a server setup though, you should contact your hosting provider to ensure (or not) that these files are coming from their end.

    Finally, did you try to edit any of these files to check what's inside? Please advise!

    Warm regards,
    Dimitris

  • JazzyDan

    Hosting provider is 1and1, and I have used their wordpress install many times, and not come across this before.
    Content of file is as follows....

    safe_mode=false;
    upload_max_filesize=67108864;
    post_max_size=67108864;
    memory_limit=268435456;
    extension_dir=/usr/lib/php7.0/extensions;
    zend_extension=/usr/lib/php7.0/extensions/opcache.so;
    opcache.enable=1;
    opcache.memory_consumption=32;
    opcache.interned_strings_buffer=8;
    opcache.max_accelerated_files=3000;
    opcache.revalidate_freq=180;
    opcache.fast_shutdown=0;
    opcache.enable_cli=0;
    opcache.revalidate_path=0;
    opcache.validate_timestamps=2;
    opcache.max_file_size=0;
    opcache.file_cache=/kunden/homepages/30/d653042000/htdocs/.opcache;
    opcache.file_cache_only=1;

    Thanks again

    Dan

  • Adam Czajczyk

    Hello Dan!

    I assume that there's also a php.ini file in a root folder of your WordPress install, is that correct?

    Its content would probably be the same so if you could confirm that, I think you might remove other files as php.ini by default - unless your hosts configuration is that far from established standards - wouldn't even be used if outside the domain's root folder.

    However, as always in case of removing files, especially those that you're not sure what/why they are there for, it'd be recommended to take a full file backup first (you can simply download your entire WP install via FTP or use e.g. our Snapshot plugin).

    Best regards,
    Adam

  • Ryan

    Well, that was fruitful and confusing. After confirming with the 1&1 support tech that it was a very odd application of php.ini, he went to his level 2 support and learned that this is STANDARD for WP sites deployed by 1&1. Neither of them could offer any explanation of why this was done and confirmed that they could be deleted. It is a little disconcerting to be told that they deviated from the standard WP installation for no reason at all.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.