See where PHP configuration files are located
虽然PHP是以httpd一个模块的形式存在的,但是PHP本身也有自己的配置文件。查看PHP配置文件所在位置的命令为:[[email protected] ~]# /usr/local/php/bin/php -i | grep -i "Loaded Configuration file"PHP Warning: Unknown: It is not safe to rely on the system‘s timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone ‘UTC‘ for now, but please set date.timezone to select your timezone. in Unknown on line 0Loaded Configuration File => /usr/local/php/etc/php.ini第一行是warning警告信息,可以忽略,如想想取消则需要编辑php.ini,找到date.timezone设置为:[[email protected] ~]# vim /usr/local/php/etc/php.ini //取消前面;号date.timezone = Asia/Shanghai再次执行就不会提示警告信息了。然后访问一个包含phpinfo函数的页面,会显示这样:
Second, PHP's disable_functions
由于phpinfo会显示出服务器内LAMP架构内的很多软件的配置文件等重要文件的信息,所以在生产环境下最好禁掉,防止被黑客获取到系统内部php信息,造成损失。测试环境可以不禁。[[email protected] ~]# vim /usr/local/php/etc/php.ini //搜索disable_functions,编辑成如下内容disable_functions = eval,assert,popen,passthru,escapeshellarg,escapeshellcmd,passthru,exec,system,chroot,scandir,chgrp,chown,escapeshellcmd,escapeshellarg,shell_exec,proc_get_status,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,leak,popepassthru,stream_socket_server,popen,proc_open,proc_close,phpinfo[[email protected] ~]# /usr/local/apache2/bin/apachectl graceful //更改要重新加载下apache服务
Third, configuration Error_log
PHP logs are important, and it's an important way to troubleshoot problems. The steps are as follows: [[[email protected] ~]# vim/usr/local/php/etc/php.inilog_errors = ON//Search Log_errorserror_log =/var/log/p Hp/php_errors.log//Search Log_error, change to this, store the log path error_reporting = e_all & ~e_notice//Search error_reporting change to this DISPL Ay_errors = OFF//change to off[[email protected] ~]#/usr/local/apache2/bin/apachectl gr Acefuldisplay_errors=on/off: Set whether the cause of the error is displayed, it is important to note that the error log must be set, the save path, and the error log level to be set to OFF (to prevent users from seeing), or the cause of the error cannot be found. Log_errors=on/off on/Off error log "error_log=/tmp/" sets the save path of the error log. If you cannot produce the log after you have defined the path, you need to check if the log file is in the directory with the Write (w) permission "errorreporting =" To set the error log level: E all, ~e NOTICE, ~e STRICT, ~ Edeprecated (can be freely combined). Production environment use: E All & ~e_ notice is available. After you set up php.ini, you need some extra action: [[email protected] ~]# mkdir/var/log/php[[email protected] ~]# chmod 777/var/log/ php///Ensure that the PHP error log exists in the directory, and that the permissions can be read and written [[email protected] ~]#/usr/local/apache2/bin/apachectl Graceful Test effect Fruit: [[email protected] ~]# curl-a "www"-x 192.168.204.128:80 linuxtest.com/indextest.php-i//intentionally removing the parentheses of the Phpinfo function http/1.0 Internal Server errordate:wed, Mar 2018 07:51:56 G Mtserver:apache/2.4.29 (Unix) php/5.6.30x-powered-by:php/5.6.30connection:closecontent-type:text/html; Charset=utf-8 a 500 status code, you can view the PHP error log: [[email protected] php]# cat php_errors.log [07-mar-2018 16:00:49 asia/ Shanghai] PHP Parse error:syntax error, unexpected '?> ' in/data/wwwroot/123test/indextest.php on line 3
Iv. Configuration Open_basedir
Open_basedir can limit the active range of user access files to the specified area, usually the path of their home directory, and also the symbols "." To represent the current directory. Note that the limit specified with Open_basedir is actually a prefix, not a directory name. [[email protected] php]# Vim/usr/local/php/etc/php.ini; Open_basedir, if set, limits all file operations to the defined directory; and below. This directive makes the most sense if used in a per-directory; or per-virtualhost Web server configuration file.; Http://php.net/open-basediropen_basedir =/usr/local/wwwroot/123test:/tmp//Multiple directories by: separated, This explains whether PHP restricts the activity of both directories to be active in both directories: [[email protected] php]# curl-a "www"-X 192.168.204.128:80 ztest.com/ openbasedir.php-ihttp/1.0 Internal Server errordate:wed, Mar 2018 08:14:04 gmtserver:apache/2.4.29 (Unix) php/5. 6.30x-powered-by:php/5.6.30connection:closecontent-type:text/html; charset=utf-8//Status code 500, viewing logs [[email protected] php]# cat php_errors.log [07-mar-2018 16:00:49 Asia/shanghai] php Parse error:syntax error, unexpected '?> ' in/data/wwwroot/123test/indextest.php on line 3[07-mar-2018 16:13:57 Asia/ Shanghai] PHP WarNing:Unknown:open_basedir restriction in effect. File (/data/wwwroot/abctest/openbasedir.php) is not within the allowed path (s): (/USR/LOCAL/WWWROOT/123TEST:/TMP) in Unknown on line 0[07-mar-2018 16:13:57 Asia/shanghai] PHP Warning:Unknown:failed to open stream:operation not Permitte D in Unknown on line 0[07-mar-2018 16:13:57 Asia/shanghai] PHP Fatal error:Unknown:Failed opening required '/data/wwwro Ot/abctest/openbasedir.php ' (include_path= '.:/ Usr/local/php/lib/php ') in Unknown on line 0[07-mar-2018 16:14:04 Asia/shanghai] php Warning:Unknown:open_basedir restr Iction in effect. File (/data/wwwroot/abctest/openbasedir.php) is not within the allowed path (s): (/USR/LOCAL/WWWROOT/123TEST:/TMP) in Unknown on line 0[07-mar-2018 16:14:04 Asia/shanghai] PHP Warning:Unknown:failed to open stream:operation not Permitte D in Unknown on line 0[07-mar-2018 16:14:04 Asia/shanghai] PHP Fatal error:Unknown:Failed opening required '/data/wwwro Ot/abctest/openbasedir.php ' (include_path=‘.:/ Usr/local/php/lib/php ') in Unknown on line 0//The log shows that the page to be accessed is not in the specified directory. You can also set Open_basedir for a single virtual host:
87.PHP Configuration