--- php-5.5.2/php.ini	2013-08-15 20:42:04.000000000 +0000
+++ php-5.5.2/php.ini	2013-08-19 08:38:00.942999606 +0000
@@ -82,6 +82,20 @@
 ; much more verbose when it comes to errors. We recommending using the
 ; development version only in development environments as errors shown to
 ; application users can inadvertently leak otherwise secure information.
+;
+; This is the default settings file for new PHP installations from
+; TLD Linux.
+;
+; It's based mainly on php.ini-production, but with some changes made with
+; security in mind (see below, consult also http://php.net/manual/en/security.php).
+;
+; Please note, that in TLD installations /etc/php/php.ini file
+; contains global settings for all SAPIs (cgi, cli, apache...),
+; and after reading this file, SAPI-specific file (/etc/php/php-cgi-fcgi.ini,
+; /etc/php/php-cli.ini, /etc/php/php-apache.ini...) is INCLUDED
+; (so you don't have to duplicate whole large file to override only
+; few options)
+
 
 ;;;;;;;;;;;;;;;;;;;
 ; Quick Reference ;
@@ -157,7 +171,7 @@
 ;   Production Value: 5
 
 ; short_open_tag
-;   Default Value: On
+;   Default Value: Off
 ;   Development Value: Off
 ;   Production Value: Off
 
@@ -204,7 +218,7 @@
 ; confused and end up parsing the wrong code in the wrong context. But because
 ; this short cut has been a feature for such a long time, it's currently still
 ; supported for backwards compatibility, but we recommend you don't use them.
-; Default Value: On
+; Default Value: Off
 ; Development Value: Off
 ; Production Value: Off
 ; http://php.net/short-open-tag
@@ -372,7 +386,7 @@
 ; threat in any way, but it makes it possible to determine whether you use PHP
 ; on your server or not.
 ; http://php.net/expose-php
-expose_php = On
+expose_php = Off
 
 ;;;;;;;;;;;;;;;;;;;
 ; Resource Limits ;
@@ -725,7 +739,7 @@
 
 ; Directory in which the loadable extensions (modules) reside.
 ; http://php.net/extension-dir
-; extension_dir = "./"
+;extension_dir = "/usr/lib/php"
 ; On windows:
 ; extension_dir = "ext"
 
@@ -739,53 +753,6 @@
 ; http://php.net/enable-dl
 enable_dl = Off
 
-; cgi.force_redirect is necessary to provide security running PHP as a CGI under
-; most web servers.  Left undefined, PHP turns this on by default.  You can
-; turn it off here AT YOUR OWN RISK
-; **You CAN safely turn this off for IIS, in fact, you MUST.**
-; http://php.net/cgi.force-redirect
-;cgi.force_redirect = 1
-
-; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
-; every request. PHP's default behavior is to disable this feature.
-;cgi.nph = 1
-
-; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
-; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
-; will look for to know it is OK to continue execution.  Setting this variable MAY
-; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
-; http://php.net/cgi.redirect-status-env
-;cgi.redirect_status_env =
-
-; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
-; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
-; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
-; this to 1 will cause PHP CGI to fix its paths to conform to the spec.  A setting
-; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
-; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
-; http://php.net/cgi.fix-pathinfo
-;cgi.fix_pathinfo=1
-
-; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
-; security tokens of the calling client.  This allows IIS to define the
-; security context that the request runs under.  mod_fastcgi under Apache
-; does not currently support this feature (03/17/2002)
-; Set to 1 if running under IIS.  Default is zero.
-; http://php.net/fastcgi.impersonate
-;fastcgi.impersonate = 1
-
-; Disable logging through FastCGI connection. PHP's default behavior is to enable
-; this feature.
-;fastcgi.logging = 0
-
-; cgi.rfc2616_headers configuration option tells PHP what type of headers to
-; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
-; is supported by Apache. When this option is set to 1 PHP will send
-; RFC2616 compliant header.
-; Default is zero.
-; http://php.net/cgi.rfc2616-headers
-;cgi.rfc2616_headers = 0
-
 ;;;;;;;;;;;;;;;;
 ; File Uploads ;
 ;;;;;;;;;;;;;;;;
@@ -863,50 +830,9 @@
 ; If you only provide the name of the extension, PHP will look for it in its
 ; default extension directory.
 ;
-; Windows Extensions
-; Note that ODBC support is built in, so no dll is needed for it.
-; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5)
-; extension folders as well as the separate PECL DLL download (PHP 5).
-; Be sure to appropriately set the extension_dir directive.
-;
-;extension=php_bz2.dll
-;extension=php_curl.dll
-;extension=php_fileinfo.dll
-;extension=php_gd2.dll
-;extension=php_gettext.dll
-;extension=php_gmp.dll
-;extension=php_intl.dll
-;extension=php_imap.dll
-;extension=php_interbase.dll
-;extension=php_ldap.dll
-;extension=php_mbstring.dll
-;extension=php_exif.dll      ; Must be after mbstring as it depends on it
-;extension=php_mysql.dll
-;extension=php_mysqli.dll
-;extension=php_oci8.dll      ; Use with Oracle 10gR2 Instant Client
-;extension=php_oci8_11g.dll  ; Use with Oracle 11gR2 Instant Client
-;extension=php_openssl.dll
-;extension=php_pdo_firebird.dll
-;extension=php_pdo_mysql.dll
-;extension=php_pdo_oci.dll
-;extension=php_pdo_odbc.dll
-;extension=php_pdo_pgsql.dll
-;extension=php_pdo_sqlite.dll
-;extension=php_pgsql.dll
-;extension=php_pspell.dll
-;extension=php_shmop.dll
-
-; The MIBS data available in the PHP distribution must be installed. 
-; See http://www.php.net/manual/en/snmp.installation.php 
-;extension=php_snmp.dll
-
-;extension=php_soap.dll
-;extension=php_sockets.dll
-;extension=php_sqlite3.dll
-;extension=php_sybase_ct.dll
-;extension=php_tidy.dll
-;extension=php_xmlrpc.dll
-;extension=php_xsl.dll
+
+; Ideally in TLD Linux you should install appropriate php-<extension> or
+; php-pecl-<extension> package.
 
 ;;;;;;;;;;;;;;;;;;;
 ; Module Settings ;
@@ -941,9 +867,9 @@
 ;filter.default_flags =
 
 [iconv]
-;iconv.input_encoding = ISO-8859-1
-;iconv.internal_encoding = ISO-8859-1
-;iconv.output_encoding = ISO-8859-1
+iconv.input_encoding = UTF-8
+iconv.internal_encoding = UTF-8
+iconv.output_encoding = UTF-8
 
 [intl]
 ;intl.default_locale =
@@ -1157,6 +1083,9 @@
 ; http://php.net/mysql.connect-timeout
 mysql.connect_timeout = 60
 
+; The name of the character set to use as the default character set.
+;mysql.connect_charset=utf8
+
 ; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
 ; SQL-Errors will be displayed.
 ; http://php.net/mysql.trace-mode
@@ -1196,6 +1125,9 @@
 ; http://php.net/mysqli.default-socket
 mysqli.default_socket =
 
+; The name of the character set to use as the default character set.
+;mysqli.connect_charset=utf8
+
 ; Default host for mysql_connect() (doesn't apply in safe mode).
 ; http://php.net/mysqli.default-host
 mysqli.default_host =
@@ -1362,7 +1294,7 @@
 
 [browscap]
 ; http://php.net/browscap
-;browscap = extra/browscap.ini
+browscap = /etc/php/browscap.ini
 
 [Session]
 ; Handler used to store/retrieve data.
@@ -1827,7 +1759,7 @@
 
 ; Sets the directory name where SOAP extension will put cache files.
 ; http://php.net/soap.wsdl-cache-dir
-soap.wsdl_cache_dir="/tmp"
+soap.wsdl_cache_dir="/var/cache/php"
 
 ; (time to live) Sets the number of second while cached file will be used
 ; instead of original one.