want to disable htaccess from updating the default php values set in php.ini
 

In my development server PHP is installed as Apache module.

Some developers are changing php values for some projects by putting like "php_value memory_limit 512M" in htaccess file.

I want to block this. I want to disable htaccess from updating the default php values set in php.ini.

Since we are using htaccess for rewrite rules, I can't disable entire htaccess of the server. I just wanted to block htaccess from updating the default php values set in php.ini.

How can I do this ?

My server - CentOS - Apache/2.2.23, PHP 5.3.22

To prevent users setting PHP config values in .htaccess files, do not give AllowOverride Options permissions on their virtual hosts.

Alternatively, install PHP as CGI instead of as an Apache module, as the CGI version is unaffected by .htaccess files. However, since PHP 5.3.0, PHP CGI does parse per-directory php.ini files. I am not aware of a method that turns this off.

I've just seen this in the latest default php.ini:

So if you put directives in your main php.ini under per-directory headings they cannot be overridden. However, the downside is that you'll have to do this for every virtual host so it'll be a PITA in environments where there are many or where new ones are frequently added.

Further reading has revealed this:

So just uncomment that last line to disable per-user ini files.

This is one of the reasons Apache recommend NOT using htaccess files, but putting the reqd directives inside the relevant Dir tags
https://httpd.apache.org/docs/curren.../htaccess.html