快捷搜索:   nginx

windows+apache虚拟主机安全设置

Windows下:
1、开启安全模式,可以禁用exec()、system()等函数
2、在httpd.conf中用php_admin_value open_basedir限制PHP的存取目录
3、在php_admin_value open_basedir别忘了加上php.ini中指定的PHP临时上传目录和session保存目录,不然会无法上传文件、存取session
php.ini中按如下配置:
upload_tmp_dir = "E:/APMServ5.2.0/PHP/uploadtemp/"
session.save_path = "E:/APMServ5.2.0/PHP/sessiondata/"

4、更多内容参考我的APMServ软件的配置 http://apmserv.s135.com

httpd.conf配置(假如将PHP读写权限限制在E:\smis目录下)

Apache2.0配置示例:
<VirtualHost *:80>
ServerName www.abc.com
DocumentRoot "E:/smis"
Options FollowSymLinks IncludesNOEXEC Indexes
DirectoryIndex index.html index.htm default.htm index.php default.php
AllowOverride None
Order Deny,Allow
Allow from all
php_admin_value open_basedir "E:/smis/;E:/APMServ5.2.0/PHP/uploadtemp/;E:/APMServ5.2.0/PHP/sessiondata/"
php_admin_value safe_mode On
</VirtualHost>

Apache2.2配置示例:

<VirtualHost *:80>
ServerName www.abc.com
DocumentRoot "E:/smis"
</VirtualHost>
<Directory "E:/smis">
Options FollowSymLinks IncludesNOEXEC Indexes
DirectoryIndex index.html index.htm default.htm index.php default.php
AllowOverride None
Order Deny,Allow
Allow from all
php_admin_value open_basedir "E:/smis/;E:/APMServ5.2.0/PHP/uploadtemp/;E:/APMServ5.2.0/PHP/sessiondata/"
php_admin_value safe_mode On
</Directory>

顶(0)
踩(0)

您可能还会对下面的文章感兴趣:

最新评论