PHP is without doubt a very powerful server-side scripting language, but powerful features always come with significant risk. In this chapter you will learn to use PHP's safe mode to block some of those risk factors.
"Safe Mode"
PHP's safe mode provides a basic shared-security environment for a web server that runs PHP on behalf of multiple user accounts. When safe mode is turned on, some functions are blocked entirely and others are restricted in what they may do. Bear in mind that safe mode is enforced by the PHP interpreter itself, not by the operating system; it was deprecated in PHP 5.3 and removed in PHP 5.4, so on current versions the open_basedir and disable_functions options described later in this chapter are the controls that remain.
[Use Safe mode to enforce restrictions]
In safe mode, functions that access the file system are restricted. Normally PHP runs under the web server's user ID, and to operate on a file that user only needs operating-system read or write permission on it, which for PHP is rarely an obstacle.
With safe mode on, whenever a script tries to read or write a local file, PHP additionally checks whether the owner of the running script is also the owner of the target file. If it is not, the operation is refused. (Write access: at the operating-system level the web server user may well be permitted to read or write the file; without safe mode, any file that is world-readable or world-writable is reachable by that user regardless of who owns it. Safe mode's ownership check is what stops one user's script from operating on another user's files.)
When safe mode is on, the following functions are restricted in this way:
chdir, move_uploaded_file, chgrp, parse_ini_file, chown, rmdir, copy, rename, fopen, require, highlight_file, show_source, include, symlink, link, touch, mkdir, unlink
Functions in some PHP extensions are affected in the same way. (Loading modules: in safe mode the dl() function is disabled, so if you need an extension you must add it to the extension option in php.ini so that it is loaded when PHP starts.)
With safe mode on, any operating-system program you execute must reside in the directory named by the safe_mode_exec_dir option, otherwise execution fails. Even when execution is allowed, the command string is first passed through escapeshellcmd() for filtering.
The following command-execution functions are affected:
exec, shell_exec, passthru, system, popen
In addition, the backtick operator (`) is disabled.
When running in safe mode, putenv() has no effect for environment variables outside the allowed list, although it raises no error. Likewise, other functions that try to change PHP's runtime environment, such as set_time_limit() and set_include_path(), are ignored.
[Open Safe Mode]
PHP's safe mode is turned on or off with the safe_mode option in php.ini. To activate it for all users of a shared web server, set:

safe_mode = On

When safe mode is on, the functions that access the file system check the owner of the file. By default the user ID (UID) of the file's owner is compared with that of the script; if you need the comparison to be made on the group ID (GID) instead, set the safe_mode_gid option.

If your system has a shared library of files that scripts include or require, use the safe_mode_include_dir option to name that path so that your code keeps working under the ownership check. (Include path: to allow more than one include path, separate the entries with a colon on Unix/Linux and with a semicolon on Windows, exactly as for the include_path option.) For example, to allow files under /usr/local/include/php to be included in safe mode, set:

safe_mode_include_dir = /usr/local/include/php

If your scripts need to execute external programs, set the safe_mode_exec_dir option. For example, to allow the programs under /usr/local/php-bin to be executed, set:

safe_mode_exec_dir = /usr/local/php-bin

(Executables: if the programs you want to run live in /usr/bin, link the individual binaries into the directory named by this option rather than pointing the option at /usr/bin as a whole.)

If scripts need to set certain environment variables, use the safe_mode_allowed_env_vars option. Its value is a list of name prefixes; by default only variables whose names begin with PHP_ may be set. To change it, assign the option a comma-separated list of prefixes. For example, to additionally allow the time zone variable TZ, set:

safe_mode_allowed_env_vars = PHP_,TZ

"Other security features"

Besides safe mode, PHP provides a number of other features that help keep a PHP installation secure.
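The options above, collected into one safe-mode section of php.ini as a practitioner would write it, with the unrestricted default shown beside each hardened value. This is an added example, not configuration from the original chapter; the paths /usr/local/include/php and /usr/local/php-bin are the ones the text uses, and the commented extension line is an assumed placeholder.

```ini
; Added example: safe-mode section of php.ini for a shared web server.
; Paths are the ones used in the text; adjust them to your own layout.

; Weak (the default): every script runs with the full rights of the web
; server user and can read any file that user can read.
;safe_mode = Off

; Hardened: each file operation now also checks that the owner of the
; target file matches the owner of the running script.
safe_mode = On

; Set to On to compare group IDs instead of user IDs. Leave Off unless
; several accounts must share files through a common group, since a GID
; check isolates users less strictly than a UID check.
safe_mode_gid = Off

; Files below this directory may be include()d or require()d by any
; script without the ownership check. Separate several directories with
; ':' on Unix/Linux or ';' on Windows.
safe_mode_include_dir = /usr/local/include/php

; Only programs inside this directory may be started by exec(), system(),
; passthru() and popen(); the command string is also run through
; escapeshellcmd(). Link the individual binaries you want to expose into
; this directory instead of naming /usr/bin as a whole.
safe_mode_exec_dir = /usr/local/php-bin

; putenv() may only set variables whose names begin with one of these
; comma-separated prefixes. The default is PHP_; TZ is added so that
; scripts can select their time zone.
safe_mode_allowed_env_vars = PHP_,TZ

; dl() is disabled in safe mode, so any extension a script needs must be
; loaded at startup instead (assumed example module name):
;extension = mysql.so
```

Because safe mode compares file owners, the scripts themselves must be owned by the account that is supposed to run them and not by the web server user; otherwise every file under that account's home directory fails the check.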
[Hide PHP]
You can use the expose_php option in php.ini to stop the web server from revealing that it runs PHP, and which version. Set it as follows:

expose_php = Off

This blocks some of the attacks by automated scripts that pick their targets from the version strings in response headers. Typically the HTTP response carries a header such as:

Server: Apache/1.3.33 (Unix) PHP/5.0.3 mod_ssl/2.8.16 OpenSSL/0.9.7c

With expose_php turned off, PHP no longer adds its version to that header, and it also stops sending its X-Powered-By header. (The option defaults to On, so it must be set explicitly.)

Of course, visitors can still see the .php file extension when they browse the site. If you want to use a different extension, find the following line in httpd.conf:

AddType application/x-httpd-php .php

You can change .php to any extension you like, and you can list any number of extensions, separated by spaces. For example, to have the server parse .html and .htm files with PHP, set:

AddType application/x-httpd-php .html .htm

(Parsing HTML: configuring the web server to parse every HTML file with PHP means that purely static pages also pass through the PHP engine, which costs server performance. Give static pages a different extension so that they bypass the scripting engine altogether. Changing the extension only hides the name; it does not make the scripts themselves any more secure.)
[File system security]
Safe mode restricts a script's owner to the files that belong to that owner, but you can use open_basedir to specify the directory within which file access must stay. If you specify a directory, PHP denies access to everything outside that directory and its subdirectories. The open_basedir option works independently of safe mode. To limit file system access to the /tmp directory only, set:

open_basedir = /tmp

(The value is matched as a prefix, so /tmp would also match a directory named /tmpfoo; end the value with a slash, /tmp/, to restrict access to that directory alone. Several directories can be listed, separated by a colon on Unix/Linux or a semicolon on Windows.)

[Function access control]

With the disable_functions option you can list function names, separated by commas, and those functions become unavailable to PHP scripts. This setting also works outside safe mode. For example:

disable_functions = dl

This option can only be set in php.ini, not from a script at runtime. In the same way, the disable_classes option turns off access to the classes you list.
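The settings from the "Hide PHP" and "File system security" sections combined into one hardened php.ini fragment, with the weak value shown beside each corrected one. This is an added example rather than configuration from the original chapter; the document root /var/www/example and the temporary directory /var/www/example-tmp are assumed paths, and proc_open is added to the page's list of execution functions because it serves the same purpose.

```ini
; Added example: PHP hardening without safe mode.
; /var/www/example and /var/www/example-tmp are assumed paths.

; --- Hide PHP ---
; Weak (default): PHP's version appears in the Server and X-Powered-By headers.
;expose_php = On
expose_php = Off

; --- File system ---
; Weak (default): no restriction, a script may open any file the web server
; user can read.
;open_basedir =
; Hardened: confine file operations to the document root plus a private
; temporary directory. Entries are separated by ':' on Unix/Linux or ';'
; on Windows. The trailing slash matters: the value is matched as a prefix,
; so /var/www/example would also admit /var/www/example2.
open_basedir = /var/www/example/:/var/www/example-tmp/

; --- Function and class access control ---
; Weak (default): dl() and every program-execution function are available.
;disable_functions =
; Hardened: disable runtime extension loading and the shell-execution
; functions listed earlier in the chapter (comma separated, no spaces
; needed). Trim or extend the list to what your applications actually use.
disable_functions = dl,exec,shell_exec,passthru,system,popen,proc_open

; disable_classes takes a comma-separated list of class names in the same way.
;disable_classes =
```

expose_php and disable_functions only take effect in php.ini (or the web server's main configuration), so they cannot be reverted by ini_set() or an .htaccess file. A quick check after restarting the server is to request a page and confirm that the Server header no longer carries a PHP/ version string.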
[Database Security]
Suppose your PHP script builds a MySQL query from form values: $sql = "UPDATE mytable SET col1 =".