Nothing to display.
You are either not running the preferred Apache web server or you are running PHP with a SAPI that does not allow checking Apache properties (e.g. CGI or FPM).
You are not running IIS web server.
| Error reporting | info | Disabled | You will get no errors reported although your error_reporting level is all the way up at 32767, but display_errors is off. This might be the right thing for a production site, but in case of problems enable it in php.ini to get more information. |
| ini_set | good | Enabled | ini_set is used in some places to accomodate for special needs of some Tiki features. |
| DB Driver | good | PDO | The PDO extension is the suggested database driver/abstraction layer. |
| PHP version | good | 5.6.33 | You have a recent version of PHP and you can run any supported versions of Tiki. |
| PHP Server API | info | cgi-fcgi | You are running PHP as CGI. Feel free to use a threaded Apache MPM to increase performance. |
| ByteCode Cache | info | N/A | You are using neither APC nor xCache as your ByteCode Cache which would increase performance, if correctly configured. See Admin->Performance in your Tiki for more details. |
| memory_limit | ugly | 128M | Your memory_limit is at 128M. This will normally work, but you might run into problems when your site grows. |
| session.save_handler | good | files | Well set! the default setting of 'files' is needed for Tiki. |
| zlib.output_compression | info | Off | You have zlib output compression turned off. This reduces CPU usage. Turning it on would in turn save bandwidth. Choose your poison. |
| register_globals | good | Off | Well set! And you are future proof also as register_globals is deprecated. |
| safe_mode | good | Off | Well set! And you are future proof also as safe_mode is deprecated. |
| magic_quotes_gpc | good | Off | Well set! Some features like assigning perms to a group with a name containing a quote will not work with this being on. And you are future proof also as magic_quotes_gpc is deprecated. |
| default_charset | good | UTF-8 | Well set! Tiki is fully UTF-8 and so should your installation be. |
| date.timezone | good | Australia/Melbourne | Well done! Having a timezone set protects you from many weird errors. |
| file_uploads | good | On | You can upload files to your Tiki. |
| max_execution_time | good | 30s | Your max_execution_time is at 30. This is a good value for production sites. If you experience timeouts (such as when performing admin functions) you may need to increase this nevertheless. |
| max_input_time | ugly | -1s | Your max_input_time is unlimited. This is not necessarily bad, but it's a good idea to limit this time on productions servers in order to eliminate unexpectedly long running scripts. |
| upload_max_filesize | ugly | 2M | Your upload_max_filesize is at 2M. Nothing wrong with that, but some users might want to upload something bigger. |
| post_max_size | good | 8M | Your post_max_size is at 8M. You can upload quite big files, but keep in mind to set your script timeouts accordingly. |
| fileinfo | good | Loaded | The fileinfo extension is needed for the 'Validate uploaded file content' preference. |
| intl | good | Loaded | intl extension will be needed in future versions of Tiki. |
| gd | ugly | bundled (2.1.0 compatible) | The GD extension is loaded, and Tiki can create images, but the FreeType extension is needed for CAPTCHA text generation. |
| Image Magick | good | Available | ImageMagick is used as a fallback in case that GD is not available. |
| mbstring | good | Loaded | The mbstring extension is needed for an UTF-8 compatible lower case filter in the admin search for example. |
| calendar | good | Loaded | calendar extension is needed by Tiki. |
| ctype | good | Loaded | ctype extension is needed by Tiki. |
| libxml | good | Loaded | This extension is needed for WebDAV and the dom extension (see below). |
| dom | good | Loaded | This extension is needed for many features such as:
bigbluebutton, machine translation, SCORM & meta-data in file galleries, wiki importers, custom search, Kaltura and others. |
| LDAP | good | Loaded | This extension is needed to connect your Tiki to an LDAP server. More info at: http://doc.tiki.org/LDAP |
| memcache | good | Loaded | This extension can be used to speed up your Tiki by saving sessions as well as wiki and forum data on a memcached server. |
| mcrypt | good | Loaded | Enable safe, encrypted storage of data, e.g. passwords. |
| eval() | good | Available | The eval() function is required by the Smarty templating engine. |
| ZipArchive class | good | Available | The ZipArchive class is needed for features such as XML Wiki Import/Export and PluginArchiveBuilder. |
| DateTime class | good | Available | The DateTime class is needed for the WebDAV feature. |
| upload_tmp_dir | unknown | | Can't reliably determine, if your upload_tmp_dir is accessible via a web browser. To make sure you should check your webserver config. |
| register_globals | Off | safe | register_globals should be off by default. See the php manual for details. |
| exec | Enabled | risky | Exec can potentially be used to execute arbitrary code on your server. Tiki does not need it, you may want to disable it. |
| passthru | Enabled | risky | Passthru is similar to exec. Tiki does not need it, you may want to disable it. |
| shell_exec | Enabled | risky | Shell_exec is similar to exec. Tiki needs it to run PDF from URL: WebKit (wkhtmltopdf). If you need this and trust the other PHP software on your server, you should enable it. |
| system | Enabled | risky | System is similar to exec. Tiki does not need it, you may want to disable it. |
| proc_open | Enabled | risky | Proc_open is similar to exec. Tiki does not need it, you may want to disable it. However, Composer may need it (If you are running Tiki from SVN) |
| curl_exec | Enabled | risky | Curl_exec can potentially be abused to write malicious code. Tiki needs it to run features like Kaltura, CAS login, CClite and the myspace and sf wiki-plugins. If you need these and trust the other PHP software on your server, you should enable it. |
| curl_multi_exec | Enabled | risky | Curl_multi_exec can potentially be abused to write malicious code. Tiki needs it to run features like Kaltura, CAS login, CClite and the myspace and sf wiki-plugins. If you need these and trust the other PHP software on your server, you should enable it. |
| parse_ini_file | Enabled | risky | It is probably an urban myth that this is dangerous. Tiki team will reconsider this check, but be warned. |
| show_source | Enabled | risky | It is probably an urban myth that this is dangerous. Tiki team will reconsider this check, but be warned. |
| session.use_trans_sid | Disabled | safe | session.use_trans_sid should be off by default. See the php manual for details. |
| xbithack | Disabled | safe | setting the xbithack option is unsafe. Depending on the file handling of your webserver and your tiki settings, it may be possible that an attacker can upload scripts to file gallery and execute them |
| allow_url_fopen | Enabled | risky | allow_url_fopen may potentially be used to upload remote data or scripts. Also used by Composer to fetch dependencies. If you dont use the blog feature, you can switch it off. |
Nothing to display.
