Tiki Check is stable & functional. Below are some ideas for the future, but no more imminent work is planned.



  • tiki-check.php: make all these 50+ values available to Nagios/Icinga/Shinken
  • tiki-check.php should refuse being indexed by robots (how to do this in PHP?)
  • The checks we have for htaccess (which are in tiki-admin.php?page=sefurl) should be available in tiki-check.php and when .htaccess is not the correct one for that version, there should be a huge warning
  • Make it easy to find for site admins (ex.: add link in menu, or admin panel)
  • Backport to branches/9.x
  • tiki-install.php -> * PHP error reporting level should not be reverted Done in trunk and 9.2
  • Testing Tiki installations on major Shared Hosting companies
  • Make a section for advanced things that basic users shouldn't worry about Done, I changed the category from bad to info


  • In tiki-admin_system.php, when exporting a zip: Error:PCLZIP_ERR_READ_OPEN_FAIL (-2) : Unable to open archive '' in wb mode
  • Is realpath_cache check suitable for Tiki Check?
  • Is there a reliable way to tell people where to change the settings? (ex: /etc/php.ini /etc/my.cnf )
  • Are warnings about default_charset and date.timezone too stern? I have seen them on servers where Tiki works nicely
    • I changed from bad to ugly
  • if possible warn when running with another MPM than "prefork" - PHP is NOT thread-safe
    • can this be checked from PHP at all? (without using exec and parsing apachectl output)
  • session.save_path = /tmp
    • Does it make sense to check that?! Reasonable values for this vary from server to server and setup to setup.
  • Can we check for a working .htaccess?
    • e.g. create a htaccess with some RewriteRule in it, call the URL and see if it is being rewritten
    • any smarter way?
  • Can we check for the configuration of mod_deflate/expires/security ?
  • Disk space check should be KILled completely, it's the wrong place for it here.

Phase 2 

Beyond Tiki Check, but let's explore 

  • Should we have tiki-admin.php?page=server where we attempt to override various settings uncovered by Tiki Check?
  • File storage
    • If more than 50 Megs in MySQL, recommend to the admin to move to filesystem
    • If set to filesystem, but they are not accessible/writable, give a warning
  • check if we are often using more than x% of memory_limit and warn the admin
  • Run tiki-check automated, regularly in the background and e-mail admin or something like that
    • Run on Pre-Dogfood Servers and send an email report of hard crashes. (email could be stored in db/local.php)
  • security - how to lock it? (turtle)
    • If a Tiki is installed where tiki-check.php is, it should use tiki auth system and check tiki_p_admin, or ask for db/local.php info (because if Tiki is crashed, it can't check for tiki_p_admin). If it detects a brute force password attack, it should lock itself like t0iki-install.php does.
  • what happens, if Tiki is crashed
    • We want it to run in standalone, but we don't want people to DoS a Tiki to read it
  • A function to export to txt, csv, html or something for easy distribution to people wanting to help on debugging
    • ask LPH for some parsable format
      • Could be .csv to mother.tiki.org
        • We should do this at the end
  • In tiki-admin.php it should be warned that activating a feature doesn't help, if the server environment doesn't support it

File/folder permissions 


Nice to have 

  • Can Tiki index file content? -> Search Within Files
    • Link to Admin->File Galleries
  • Check if Tikis Paths fit open_basedir
  • It would be nice to run from the command line php tiki-check.php and have a decent looking output (now it's hard to read HTML)
    • Since CLI PHP can be different than the web PHP, is this a good idea?

Low priority (only do if very easy) 

  • Show DB-credentials form in the MySQL section
  • Is it possible to report 32bits vs 64 bits? (useful to know what software to install)
  • Indicate if MyISAM or InnoDB (people can use adminer.php)
  • Warn if correlating values are too far off each other, for example
    • max_execution_time <> max_input_time
    • upload_max_filesize <> post_max_size <> max_allowed_packet

sh tiki-check.sh 

  • Since some things (like Apache worker MPM) can't be detected via PHP, perhaps the next step will be tiki-check.sh Let's move all the checks that can't be done via PHP to this section. And even here, some things will require root.
  • Check for these Server tools or for requirements for TRIM

Server check script examples 

Good, bad, ugly references