Drupal 7 PHP requirements

Below you will find some more detailed notes regarding the PHP requirements for Drupal 7. Individual modules may have specific requirements and configurations needed; please double check module documentation as well.

For information on Drupal 8, see the Drupal 8 PHP requirements.

On this page:

• PHP version required and supported
• File and folder permissions
• PHP configuration settings
  • Required PHP configuration settings
  • Recommended PHP configuration settings
  • Memory requirements
  • Caching Required
• Extensions
  • Database extensions
  • XML extension
  • Image library
  • OpenSSL
  • JSON
  • cURL
  • APC
  • ssh extension
  • Twig C extension
• Other
  • .htaccess settings
  • Other interfaces
  • Secure Random Number Generation
  • xdebug
  • PHP sources
• PHP requirements details, by Drupal version
  • All versions
  • Drupal 8
  • Drupal 7
  • Shortlist

PHP version required and supported

This table shows how each Drupal version requires and supports the various versions of PHP. If you have selected a particular Drupal version and want to select the best PHP version to use with it, read the column for that Drupal version upwards from the bottom. If you have a particular PHP version and want to know which Drupal version will work the best with it, read left to right along the row for that PHP version.

PHP version	Drupal 7
4.4	no
5.0	no
5.2	5.2.5+ (*)
5.3	yes
5.4	yes (minimum recommended)
5.5	yes
5.6	yes
7	yes (**)

(*) For Drupal 7, versions of PHP 5.2.4 that include backported security patches also meet the requirements. The PHP version included with Ubuntu 8.04 is the most common example of this.
(**) Because PHP 7 is the newest release, extra care should still be taken with it. See the Drupal 7.50 release notes and the PHP 7 discussion for more details. However anecdotal evidence from a variety of users suggests that Drupal 7 can be successfully used on PHP 7, both before and after the 7.50 release.

File and folder permissions

Drupal and PHP should have read and write access to the /sites/default/files directory. This area is used to store cached files (compressed CSS and JavaScript) and any file uploads through the Drupal interface. The exact permissions of this directory depend on how your PHP installation is configured. Generally speaking, read-write-execute for all, nobody user, (777) is not recommended as a security risk. PHP can be run under as the specific user account on the server using suPHP rather than a generic user (www) or nobody.

PHP configuration settings

Required PHP configuration settings

PHP needs the following configuration directives for Drupal to work (only directives that differ from the default php.ini-development / php.ini-production):

• error_reporting set to E_ALL & ~E_NOTICE. Work is ongoing to change this to E_ALL for Drupal 7.
• safe_mode: off. Safe mode may interfere with file and image uploads. This is applicable for only for PHP version's below 5.3.0, as of PHP 5.4.0 Safe Mode has been removed
• Tokenizer functions require the tokenizer extension to be enabled. (Read more #357970: Undefined function token_get_all)

Recommended PHP configuration settings

Setting: session.cache_limiter = nocache

Setting: session.auto_start = 0

Setting: expose_php = off
Reason: Shows current PHP version in all header requests, security disclosure, see here
Example: X-Powered-By: PHP/5.3.8

Setting: allow_url_fopen = off
Reason: This is a security issue: see here

Setting: magic_quotes_gpc = off
Reason: Forces quotes in variables - This feature has been deprecated as of PHP 5.3.0 and removed as of PHP 5.4.0.

Setting: register_globals = off
Reason: Security issue - having this enabled subjects PHP variables to input from any source:
This feature has been deprecated as of PHP 5.3.0 and removed as of PHP 5.4.0.

Setting: display_errors = Off
Reason: Hides errors output to display (website) we want to send to log file instead.

Memory requirements

PHP memory requirements can vary significantly depending on the modules in use on your site. Drupal 7 core requires 32MB.

Warning messages will be shown if the PHP configuration does not meet these requirements. However, while these values may be sufficient for a default Drupal installation, a production site with a number of commonly used modules enabled could require more memory. Typically 128 MB or 256 MB are found in production systems. Some installations may require much more, especially with media-rich implementations. If you are using a hosting service it is important to verify that your host can provide sufficient memory for the set of modules you are deploying or may deploy in the future. (See the Increase PHP memory limit page in the Troubleshooting FAQ for additional information on modifying the PHP memory limit.)

Enable caching

Within the Drupal interface, it is highly recommended that caching be enabled under admin/config/development/performance. This will help increase the performance of your Drupal installation and the end user experience. For more details see Caching to improve performance.

Extensions

Database extensions

The PHP extension for connecting to your chosen database must be installed and enabled. Drupal's currently supported database connectors are: mysql (the original MySQL extension), mysqli (an improved connector for newer MySQL installations), and pgsql (for PostgreSQL). Note: PHP 5.x no longer enables the mysql extension by default. Please read the links above for installing and enabling your chosen connector. 

XML extension

PHP XML extension (for Blog API, Drupal, and Ping modules). This extension is enabled by default in a standard PHP installation; the Windows version of PHP has built-in support for this extension. Enabling the XML extension also enables PHP DOM. DOM is now a systems requirement.

Image library

An image library for PHP such as the GD library is needed for image manipulation (resizing user pictures, image and imagecache modules). GD is included with PHP 4.3 and higher and usually enabled by default. GD is a required extension in Drupal 7 and later. ImageMagick is also supported for basic image manipulations in Drupal core but there is much less support from contributed modules.
If you have administrator rights on a Debian/Ubuntu server, and GD is not already available (see your phpinfo) it can usually be installed by running the following command:
sudo apt-get install php5-gd
or on Redhat/Centos:
sudo yum install php-gd
See the ImageMagick install instructions for your platform if you want that.

OpenSSL

The PHP OpenSSL extension is recommended to allow Drupal to make outgoing requests using HTTPS. Some platforms provide a separate OpenSSL package, e.g. php55-openssl.

There is also ongoing work to make Drupal core's Update Manager module check for updates using HTTPS, which would make this an even stronger recommendation or possibly a requirement. See #1538118: Update status does not verify the identity or authenticity of the release history URL and https://groups.drupal.org/node/506128.

JSON

Drupal 7 and 8 require PHP compiled with JSON. JSON support is normally compiled as part of PHP core, but in case you're getting errors like PHP Fatal error: Call to undefined function Drupal\\Component\\Serialization\\json_encode() in ... core/lib/Drupal/Component/Serialization/Json.php try adding the JSON extension.

cURL

The PHP cURL extension is required for the SimpleTest module in Drupal 7 and 8, as well as Aggregator and some contributed modules. Many Linux distributions and development stacks will have it enabled by default, but if your system doesn't, here are instructions on how to enable it for various platforms are below.

See also the installing PHP cURL instructions on the Drupal documentation.

Mbstring

The PHP mbstring extension provides multibyte specific string functions used for Drupal installation in other languages except English and also multilingual sites in Drupal. It helps deal with multibyte encodings in PHP and also handles Unicode based encodign like UTF-8 or UCS-2.

can be installed in Linux systems depending on OS, eg: for Debian based system:

sudo apt-get install php7.0-mbstring

Windows

XAMPP

Open C:/xampp/php/php.ini in a text editor.

Uncomment the extension=php_curl.dll line by removing the preceding ";".

Linux

Ubuntu/Debian

Run sudo apt-get update && sudo apt-get install php5-curl.

If you need to enable it, run sudo php5enmod curl.

APC

Recent versions of APC (apparently since 3.1.6) set 'Enable internal debugging in APC' as the default. This generates large numbers of PHP messages that can make diagnosing other problems more difficult. This option can be disabled during installation by explicitly entering no to the prompt - hitting 'enter' will enable the option in spite of the wording of the prompt.

Also, see Drupal 7-specific information relating to APC.

ssh extension

The ssh PECL extension is an optional add-on to your PHP setup. While it is not required for normal Drupal function, when absent, both the Add new module and Add new theme links in your drupal's administration will fail with the admittedly uninformative message:"Your server does not support installing modules and themes from this interface. "

Other

.htaccess settings

Some of the memory settings are contained in the default .htaccess file that ships with Drupal, so you shouldn't need to set them explicitly. Note, however, that setting PHP configuration options from .htaccess only works under the following conditions:

• With Apache (or a compatible web server)
• If the .htaccess file is actually read, i.e. AllowOverride All in the main Apache configuration (usually httpd.conf) is enabled
• If PHP is installed as an Apache module

In some shared hosting environments, access to these settings is restricted. If you cannot make these changes yourself, please ask your hosting provider to adjust them for you.

Other interfaces

See the PHP manual for how to change configuration settings for other interfaces to PHP.

Secure Random Number Generation

See discussion on Drupal 7 issue

xdebug

If using xdebug:

Setting: xdebug.show_exception_trace = 0
Reason: Could cause Drupal's installer to crash

Setting: xdebug.max_nesting_level = 256
Reason: Using the default max_nesting_level of 100 (in xdebug versions < 2.3) causes some pages to crash.

PHP from different sources

Drupal is designed to work with PHP as distributed on php.net. Every effort is made to make it work with PHP versions from other sources but this is only done on a best effort basis. In particular, suhosin is known to break certain features; and some operating systems move core components into other packages.

PHP requirements details

See the phpinfo() page on Drupal.org to learn how to use phpinfo to get the details of your system. For example, phpinfo will tell you if you have a database already installed and what versions of PHP, MySQL, etc. your system is running. Phpinfo will also tell you what PHP variables are set as well as many other helpful things.

It is often possible to update to a newer version of PHP than ships with your Linux distribution. For RHEL, we recommend http://iuscommunity.org/Repos, and for Debian, http://www.dotdeb.org/.

On Debian libapache2-mod-php5filter may get installed in preference to libapache2-mod-php5 (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709027). Unfortunately, the libapache2-mod-php5filter package has a bug which breaks Drupal (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709023). So, make sure you specify to use the libapache2-mod-php5 package instead.

• Drupal 7 requires PHP 5.2.5 or higher (or PHP 5.2.4 with backported security patches, such as the version included with Ubuntu 8.04). PHP 5.4 or higher is recommended.
• PHP Data Objects (PDO) must be activated for Drupal 7 to install and run correctly. Look in your php.ini. Uncomment (remove the leading semicolon) at line extension=php_pdo.dll, extension=php_pdo_mysql.dll. In Linux, these would be extension=pdo.so and extension=pdo_mysql.so. Some Linux distributions may have these extensions by default in files found in the conf.d folder (Ubuntu 12.04: /etc/php5/conf.d has pdo.ini and pdo_mysql.ini). If these lines are not there, you will need to add them. The PECL version of PDO is not compatible with Drupal 7 and cannot be used.
• The Drupal 7 Update manager can install/update modules and themes via SSH if the required libraries have been installed on the server. If you have administrator rights on a Debian/Ubuntu server, and SSH is not already available (see your phpinfo) it can usually be installed by executing:
  apt-get install libssh2-php.
• Drupal 7 may require the time parameter (max_execution_time) to be at least 30 seconds.
• APC installation guides sometimes recommend setting apc.include_once_override=1. This causes Drupal 7 to fail (white screen, error 500) as reported in Do not enable apc.include_once_override.
• The following PHP extensions are required for Drupal 7:
  

  $required_extensions = array( 'date', 'dom', 'filter', 'gd', 'hash', 'json', 'pcre', 'pdo', 'session', 'SimpleXML', 'SPL', 'xml', ); 

A shortlist based on above:

section		d7
PHP version		Min 5.2.5 – rec 5.5.4
core	allow_url_fopen	must be OFF or nonexistent
core	display_errors	off
core	max_execution_time	min 30 seconds
core	expose_php	must be OFF or nonexistent
core	memory_limit	32MB
ctype	ctype functions
cURL	cURL support
cURL	libSSH Version	required for install update
date	date/time support	enabled
dom	DOM/XML	enabled
fileinfo	fileinfo support
filter	Input Validation and Filtering	enabled
gd	GD Support	enabled
?	magic_quotes_gpc	must be OFF or nonexistent
?	magic_quotes_runtime	must be disabled or nonexistent
?	safe_mode	must be disabled or nonexistent
?	register_globals	must be OFF or nonexistent
hash	hash support	enabled
openssl	openssl support	enabled
json	json support	enabled
pcre	PCRE (Perl Compatible Regular Expressions) Support	enabled
pdo	PHP Data Objects(PDO)	(specific for your database)
pecl	PECL version of PDO	not compatible
session	Session Support	enabled
session	session.auto_start	0
session	session.cache_limiter	nocache
SimpleXML	Schema support	enabled
SPL	SPL support	lots
Suhosin	APC.include-once-override	avoid
Tokenizer	Tokenizer Support
XML	XML Support	enabled
XML	XML Namespace Support	enabled
Zend OPcache	Opcode caching
Zend OPcache	PHP 5.5+ opcache.save_comments
Zend OPcache	PHP 5.5+ opcache.load_comments
MODULE TESTING	memory_limit