快捷搜索:   nginx

Linux下Apache与PHP安全相关设置(5)

php.ini的安全设置范例:
——————————————————————————–

safe_mode = On
allow_url_fopen = Off
allow_url_include = Off
register_globals = Off
magic_quotes_gpc = On
display_errors = Off

disable_functions = shell_exec,system,exec,passthru,show_source,get_cfg_var
#或者,也可以考虑开放后两个危险系数较低的函数:
disable_functions = shell_exec,system,exec,passthru

open_basedir = .

——————————————————————————–

VirtualHost的一个配置范例:
——————————————————————————–

ServerAdmin [email]webmaster@mydomain[/email]
DocumentRoot /home/hosting/mydomain/public_html
ServerName mydomain.com
ServerAlias www.mydomain.com
php_admin_value safe_mode 1
php_admin_value allow_url_fopen 0
php_admin_value allow_url_include 0
php_admin_value register_globals 1
php_admin_value magic_quotes_gpc 1
php_admin_value display_errors 0
php_admin_value open_basedir /home/hosting/mydomain/
ErrorLog logs/mydomain.com-error_log
CustomLog logs/mydomain.com-access_log common

#或者:

ServerAdmin [email]webmaster@mydomain[/email]
DocumentRoot /home/hosting/hung25ucom/public_html
ServerName mydomain.com
ServerAlias www.mydomain.com
php_admin_flag safe_mode On
php_admin_flag allow_url_fopen Off
php_admin_flag allow_url_include Off
php_admin_flag register_globals On
php_admin_flag magic_quotes_gpc On
php_admin_flag display_errors Off
php_admin_value open_basedir /home/hosting/mydomain/
ErrorLog logs/mydomain.com-error_log
CustomLog logs/mydomain.com-access_log common

 

顶(0)
踩(0)

您可能还会对下面的文章感兴趣:

最新评论