PHP security configuration: disabling functions with disable_functions

Source: Internet
Author: User

phpMyAdmin on the server has been behaving abnormally recently. I thought the configuration was incorrect, but it turned out that disable_functions had been modified some time ago.

By comparing the disable_functions parameters step by step, I found that the cause was opendir, readdir, dir, and chdir.

When opendir is disabled, the following error occurs in phpMyAdmin:
PhpMyAdmin-ERROR: cannot open themes folder: ./themes
Default theme pmahomme not found!
Theme original not found!
Theme not found!


However, phpspy cannot list directories of other virtual hosts.

Official explanation: http://cn.php.net/manual/zh/function.opendir.php
opendir: opens a directory handle


After adding readdir:
The phpMyAdmin homepage can be opened, but logging in fails with 502 Bad Gateway.

phpspy cannot list the directories of other virtual hosts.

Official explanation: http://cn.php.net/manual/zh/function.readdir.php
readdir: reads an entry from the directory handle and returns the name of the next file in the directory

 

Finally, the disable_functions setting in php.ini is summarized as follows (for a server that does not use collection):

disable_functions = exec, passthru, popen, proc_open, shell_exec, system, phpinfo, assert, chroot, getcwd, scandir, unlink, delete, rmdir, rename, chgrp, chmod, chown, fopen, copy, mkdir, file, file_get_contents, fputs, fwrite, dir

With these functions disabled, both the website and phpMyAdmin work normally, and files cannot be uploaded.

A webshell cannot be used to view or modify files on the server.

The only drawback is that the directories of other virtual hosts can be viewed.

 

If the server uses collection, enable unlink and fopen. The list is as follows:

disable_functions = exec, passthru, popen, proc_open, shell_exec, system, phpinfo, assert, chroot, getcwd, scandir, delete, rmdir, rename, chgrp, chmod, chown, copy, mkdir, file, file_get_contents, fputs, fwrite, dir

Official explanation of unlink: http://cn.php.net/manual/zh/function.unlink.php

Official explanation of fopen: http://cn.php.net/manual/zh/function.fopen.php

 

To use collection, you need to enable these functions:

file_get_contents, fputs, fwrite, dir

The list of disabled functions is then:

disable_functions = exec, passthru, popen, proc_open, shell_exec, system, phpinfo, assert, chroot, getcwd, scandir, delete, rmdir, rename, chgrp, chmod, chown, copy, mkdir, file
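
An added example, not part of the original post: a Python check that reads php.ini text, works out the effective disable_functions value, compares it with the strictest list above, and flags opendir and readdir because of the phpMyAdmin breakage described earlier. It assumes a single php.ini in which a later assignment replaces an earlier one, and it conservatively treats function names that are not lowercase as not disabled; STRICT, BREAKS_PHPMYADMIN, parse_disable_functions, audit and SAMPLE_INI are names invented for this example.

```python
import re
# Strictest list from the page (server that does not use collection).
STRICT = set("""exec passthru popen proc_open shell_exec system phpinfo assert
chroot getcwd scandir unlink delete rmdir rename chgrp chmod chown fopen copy
mkdir file file_get_contents fputs fwrite dir""".split())

# Breakage the page observed when these were added to disable_functions.
BREAKS_PHPMYADMIN = {
    "opendir": "cannot open themes folder ./themes",
    "readdir": "login fails with 502 Bad Gateway",
}

def parse_disable_functions(ini_text):
    """Return (effective set, warnings) for disable_functions in php.ini text."""
    effective, warnings = set(), []
    for n, raw in enumerate(ini_text.splitlines(), 1):
        line = raw.split(";", 1)[0].strip()          # ';' starts a comment
        m = re.match(r"([\w.]+)\s*=\s*(.*)$", line)
        if not m or m.group(1).lower() != "disable_functions":
            continue
        if m.group(1) != "disable_functions":        # directive names are case sensitive
            warnings.append(f"line {n}: directive '{m.group(1)}' is miscased")
            continue
        effective = set()                            # assumption: later assignment wins
        for name in filter(None, re.split(r"[,\s]+", m.group(2).strip('"'))):
            if name != name.lower():                 # conservative: do not trust mixed case
                warnings.append(f"line {n}: function '{name}' is not lowercase")
            else:
                effective.add(name)
    return effective, warnings

def audit(ini_text, required=STRICT):
    """Compare the effective list with a required list."""
    effective, warnings = parse_disable_functions(ini_text)
    return {
        "missing": sorted(required - effective),     # required but not disabled
        "breaks": {f: BREAKS_PHPMYADMIN[f] for f in sorted(effective) if f in BREAKS_PHPMYADMIN},
        "warnings": warnings,
    }

# Constructed sample php.ini fragment, not taken from any real server.
SAMPLE_INI = """\
; disable_functions = phpinfo
Disable_functions = exec, system
disable_functions = ExEc, passthru, popen, proc_open, shell_exec, system, opendir, readdir
"""

if __name__ == "__main__":
    print(audit(SAMPLE_INI))
```

Run it against the php.ini the web server's PHP actually loads; a pool-level or per-directory override is outside what this example reads.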
