A very important, do the station, safety consciousness must be high.
Even if the site is compromised, the server cannot be breached.
Like my current VPS, installed is the LNMP environment, put a number of stations, including friends of the station, permissions must be set up, each station are isolated from each other, but also with the system isolation.
Because I am loaded is PHP5.3, so can be set in php.ini inside, so actually this is not nginx setting.
At the end of the php.ini, add the following settings to:
The code is as follows |
Copy Code |
[Host=111cn.net] Open_basedir = "/www/www.xxx.com:/www/tmp/www.xxx.com" Upload_tmp_dir = "/www/tmp/www.xxx.com" Session.save_path = "/www/tmp/www.xxx.com"
|
Where/www/www.111cn.net is the root of the Web site,
/www/tmp/www.xxx.com is the temporary directory of the upload and session of the directory, so that each station session will not be mixed together, that is, each station is independent.
Then, periodically remove the expired session files from the/WWW/TMP in the scheduled task.
Finally, the FTP user, the MySQL user also restricted the good permissions. Only in this way, to ensure the security of the server AH. Of course, there are a lot of things that are not discussed here.
Hint, this article temporarily only supports php5.3 and above version Oh, the other version does not host this function, we can refer to the following method