Php security configuration details (1/2)

(1) enable the Security Mode of the php tutorial
The security mode of php is a very important embedded security mechanism that can control some php functions, such as system (),
At the same time, many file operation functions are subject to permission control, and files of some key files are not allowed, such as/etc/passwd,
However, the default php. ini mode does not enable the security mode. Open it:
Safe_mode = on

(2) user group security
When safe_mode is enabled and safe_mode_gid is disabled, the php script can access the file and
Group users can also access files.
Recommended settings:
Safe_mode_gid = off
If you do not set it, we may not be able to operate the files under the website directory of our server. For example, we need
During file operations.

(3) Main directory for executing programs in Safe Mode
If security mode is enabled, but you want to execute some programs, you can specify the main directory of the program to be executed:
Safe_mode_exec_dir = d:/usr/bin
Generally, you do not need to execute any program. Therefore, we recommend that you do not execute the system program Directory, which can point to a directory,
Then copy the program to be executed, for example:

Safe_mode_exec_dir = d:/tmp/cmd

However, I recommend that you do not execute any program, so you can point to our webpage directory:

Safe_mode_exec_dir = d:/usr/www

 

1 2