New install does not pass piwik.org's recommended security check
Following the suggestions at https://piwik.org/docs/how-to-secure-piwik/ for this container, I installed the SecurityInfo plugin after getting up and running. It came back with the following warnings:
display_errors: display_errors is enabled. This is not recommended on "production" servers, as it could reveal sensitive information. You should consider disabling this feature
group_id: PHP may be executing as a "privileged" group, which could be a serious security vulnerability.
open_basedir: open_basedir is disabled. When this is enabled, only files that are in the given directory/directories and their subdirectories can be read by PHP scripts. You should consider turning this on. Keep in mind that other web applications not written in PHP will not be restricted by this setting.
upload_tmp_dir: upload_tmp_dir is disabled, or is set to a common world-writable directory. This typically allows other users on this server to access temporary copies of files uploaded via your PHP scripts. You should set upload_tmp_dir to a non-world-readable directory
user_id: PHP may be executing as a "privileged" user, which could be a serious security vulnerability.
upload_tmp_dir and open_basedir are less relevant in a Docker environment.
See #55 for the group/user.
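The five checks named in the report above, as an added example for auditing an image's PHP configuration offline; it is not part of this thread and not the SecurityInfo plugin's code. The set of shared temp directories, the uid/gid threshold of 100, and both sample configs are assumptions made for illustration.

```python
# Assumptions (not from the page): which directories count as shared and
# world-writable, and the lowest uid/gid treated as unprivileged.
SHARED_TMP = {"", "/tmp", "/var/tmp"}
MIN_SAFE_ID = 100
TRUTHY = {"1", "on", "yes", "true", "stdout", "stderr"}

def parse_ini(text):
    """Return {directive: value} from php.ini text; later lines win."""
    settings = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop ';' comments
        if not line or line.startswith("[") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip().strip("\"'")
    return settings

def audit(ini_text, uid, gid):
    """Return the sorted names of the failing checks, named as in the report."""
    s = parse_ini(ini_text)
    failed = []
    # PHP's built-in default for display_errors is "1", so unset means enabled.
    if s.get("display_errors", "1").lower() in TRUTHY:
        failed.append("display_errors")
    if not s.get("open_basedir", ""):
        failed.append("open_basedir")
    if s.get("upload_tmp_dir", "").rstrip("/") in SHARED_TMP:
        failed.append("upload_tmp_dir")
    if uid < MIN_SAFE_ID:
        failed.append("user_id")
    if gid < MIN_SAFE_ID:
        failed.append("group_id")
    return sorted(failed)

# Constructed samples: a stock-looking config and a hardened one.
DEFAULT_INI = """
[PHP]
display_errors = On   ; development default
;open_basedir =
"""
HARDENED_INI = """
display_errors = Off
open_basedir = "/var/www/html:/var/lib/php/uploads"
upload_tmp_dir = /var/lib/php/uploads
"""

if __name__ == "__main__":
    print(audit(DEFAULT_INI, uid=0, gid=0))
    print(audit(HARDENED_INI, uid=1000, gid=1000))
```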