X-Cart:Server Requirements (X-Cart 4.2)
Version 4.1.0 - 5.x.
- safe_mode = off
- file_uploads = on
- magic_quotes_sybase = off
- sql.safe_mode = off
- allow_url_fopen = on
- ini_set = on
- memory_limit >= 16M
- disable_functions = NULL
- post_max_size >= 2M
- upload_max_filesize >= 2M
- max_execution_time >= 30
- memory_limit >= 32M
- max_input_time >= 30
- sendmail_from = ...@domain.com (an email address, from which sending mail is allowed)
- FTP - to be able to upload files to GoogleBase
- Zlib - for data compression on the fly
- GDLib 2.0 or better - required for automatic generation of product thumbnails form product images, for the 'Image Verification' module and for cache generation in the 'Detailed Product Images' module. GDLib must be compiled with libJpeg (ensure that PHP is configured with the option --with-jpeg-dir=DIR, where DIR is the directory where libJpeg is installed).
- Mcrypt - highly recommended to speed up the Blowfish data encrypting process
- xml/Expat - for Intershipper, UPS or USPS shipping modules.
- cURL - for some of the online credit card processing modules and for shipping modules.
- OpenSSL - for iDEAL Advanced and iDEAL RaboBank Professional payment modules.
- PHP should be compiled with the "--enable-memory-limit" option (strongly recommended).
- PHP should be compiled with the "--enable-mbstring" option. mbstring is designed to handle languages which use multibyte character encodings. For more information and a list of supported encodings, see the corresponding section of PHP manual.
- If you wish to use an external mail program (like qmail or postfix) instead of the PHP "mail()" function, this mail program must be installed and configured.
- If you wish to use an SMTP server instead of the PHP "mail()" function to send mail from the store, the SMTP server must be installed and configured.
- PHP function "exec()" must be allowed for the correct functioning of most of the CC payment processing modules used with X-Cart (SaferPay, Credomatic, CyberSource, HSBC, Ogone, Ogone Web, PayBox, PaySystems Client, VaultX), HTTPS modules (Net::SSLeay, CURL, OpenSSL, https_cli), GnuPG/PGP.
- PHP functions "popen()" & "pclose()" must be allowed for the correct functioning of some HTTPS modules (CURL, Net::SSLeay, OpenSSL, https_cli), payment modules (Saferpay, CyberSource), SMTP mailer (PHPMailer).
For help on PHP configuration settings, visit http://www.php.net.
Supported versions: 3.23 - 5.X
Recommended version: 4.1.22
Not recommended versions: 5.0.50, 5.0.51 (These versions contain some known bugs that may prevent X-Cart from operating correctly).
MySQL server settings
MAX_CONNECTIONS >= 200 (required)
MySQL user privileges
Required basic privileges:
Privileges, required for software installation/upgrade:
MySQL user limitations
- MAX_QUESTIONS - no limitations
- MAX_UPDATES - no limitations
- MAX_QUERIES_PER_HOUR - no limitations
- MAX_USER_CONNECTIONS - no limitations
- max_allowed_packet - 8-16 MB recommended
- wait_timeout - minimum 7200 (28800 recommended)
Apache is the recommended web server. The settings described below refer to Apache only.
Distributed configuration file
- The name of the file must be ".htaccess" (AccessFileName .htaccess).
- You must have sufficient permissions to change the settings of the web directory via the .htaccess file (AllowOverride = ALL).
PHP running mode
If PHP is installed as CGI, it must be compiled with --enable-force-cgi-redirect (without --enable-discard-path).
- mod_dir - is required for correct operation of DirectoryIndex
- mod_access - is required for correct operation of Deny From All and Allow From All
- mod_auth - is required for correct operation of HTTP authentication (HTTP authentication is used in Google Checkout module for additional Admin area protection)
- mod_userdir - is required for access to the website via a temporary URL (http://IP/~user).
- mod_rewrite - is required for correct operation of the Clean URLs functionality.
- mod_expires - is required to set up file caching.
- mod_gzip / mod_deflate - is required for page compression.
- DocumentRoot directories for HTTP and HTTPS must be the same.
- PHP on HTTP and HTTPS must be run under the same user account.
- The php.ini file must be the same for HTTP and HTTPS.
A fresh installation of X-Cart 4.2.x uses at least 30 megabytes of disk space (if installed without add-ons). In addition to that, some disk space will be needed for X-Cart's cache data, image files (if you choose to store them on the file system) and customizations.
The amount of space required for X-Cart database depends on the number of products, customers and orders that will be stored there. Accordingly, database space requirements may vary from as little as 5 megabytes for small shops to over 500 megabytes for large stores.
Advanced requirements and recommended settings
- Outgoing connections must be allowed for ports 80, 443 and 1129. Some payment and shipping systems may require additional ports.
- The server firewall must allow loopback connections. This is required for HTML catalog feature.
- External domains must be resolved on the level of PHP as well as on the system level. Such PHP functions as gethostbyaddr and gethostbyname must work without limitations.
- Domains hosted on a hosting with localhost must be resolved to an external IP address if the server is behind NAT.
- A valid SSL certificate from the list of SSL certificates accepted by Google Checkout is required for correct operation of Google Checkout module. For more information, see the section "What SSL certificates does Google Checkout accept?" of Google Checkout Merchant Help.
- Windows or Linux operating system is required for HSBC payment method.
- The following functionality requires no less than 32 MB of memory: backing up/restoring the database, import and product modification.