To enable FastCGI on IIS 7.0 add CGI role service by going to Server Manager -> Roles -> Add Role Services. This enables both CGI and FastCGI services.
Unpack the files to a directory of your choice (e.g. C:\PHP). Rename the php.ini-recommended to php-cgi-fcgi.ini.
Open php-cgi-fcgi.ini file and uncomment and modify settings as follows:
a. Set fastcgi.impersonate = 1;
b. Set cgi.fix_pathinfo=1. cgi.fix_pathinfo;
c. Set cgi.force_redirect = 0;
d. short_open_tag = On;
e. extension_dir = "c:\php5\ext\";
f. uncomment extension=php_mysql.dll;
Open IIS Manager and then select and open “Handler Mappings” at the server level.
Click OK. The dialog box appears asking if you want to create a FastCGI application for this executable. Click Yes.
Add DNP_IUSRS permissions with "Read & execute" on your PHP folder.
PHP Security Recommendations
The following recommendations describe how to tighten security of PHP in shared hosting environment. To make the recommended changes locate and open php-cgi-fcgi.ini file and edit it as described below:
- Disable remote URL's for file handling functions:
- Set allow_url_fopen=Off
- Set allow_url_include=Off
- Disable register_globals:
- Restrict where PHP can read and write on a file system, e.g.:
- open_basedir="c:\hostingspaces\" or your path to your hosting spaces folder
- Disable safe mode:
- Limit script execution time:
- Limit memory usage and file sizes:
For more information about PHP and IIS7 please follow http://learn.iis.net/page.aspx/208/fastcgi-with-php/