diff --git a/examples/nginx-php/custom-php.ini b/examples/nginx-php/custom-php.ini
new file mode 100644
index 0000000..b1c428f
--- /dev/null
+++ b/examples/nginx-php/custom-php.ini
@@ -0,0 +1,38 @@
+[PHP]
+
+engine = On
+short_open_tag = Off
+precision = 14
+output_buffering = 4096
+zlib.output_compression = Off
+implicit_flush = Off
+unserialize_callback_func =
+serialize_precision = -1
+
+; disable potentially harmful functions
+disable_functions = proc_open, popen, disk_free_space, diskfreespace, set_time_limit, leak, tmpfile, exec, system, shell_exec, passthru, show_source, system, phpinfo, pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority
+allow_url_fopen = On
+allow_url_include = Off
+
+; prevent version disclosure
+expose_php = Off
+display_errors = Off
+html_errors = Off
+display_startup_errors = Off
+log_errors = On
+log_errors_max_len = 1024
+ignore_repeated_errors = Off
+ignore_repeated_source = Off
+report_memleaks = On
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+
+; disable file uploads
+file_uploads = On
+upload_max_filesize = 2M
+max_file_uploads = 20
+default_socket_timeout = 60
+
+; SQL Injection Prevention
+magic_quotes_gpc = Off
+magic_quotes_runtime = Off
+magic_quotes_sybase = Off