PHP.ini configuration file Detailed

First look at the PHP configuration file, which is under this path

[Email protected] ~]# Vim/usr/local/php/etc/php.ini

If you don't know where he is, we have a way to check it out.

[Email protected] ~]#/usr/local/php/bin/php-i |head

Phpinfo ()

PHP Version = 5.3.27

System = Linux zhangmengjunlinux.com 2.6.32-573.el6.i686 #1 SMP Thu Jul 12:37:35 UTC i686

Build Date = Dec 26 2015 22:16:02

Configure Command = './configure '--prefix=/usr/local/php '--with-apxs2=/usr/local/apache2/bin/apxs '-- With-config-file-path=/usr/local/php/etc '--with-mysql=/usr/local/mysql '--with-libxml-dir '--with-gd '-- With-jpeg-dir '--with-png-dir '--with-freetype-dir '--with-iconv-dir '--with-zlib-dir '--with-bz2 '-- With-openssl '--with-mcrypt '--enable-soap '--enable-gd-native-ttf '--enable-mbstring '--enable-sockets '-- Enable-exif '--disable-ipv6 '

Server API = Command line Interface

Virtual Directory support = disabled

Configuration File (php.ini) Path = =/usr/local/php/etc

Loaded Configuration File =/usr/local/php/etc/php.ini

This command, which is phpinfo, can see where the PHP file is being called

Loaded Configuration File =/usr/local/php/etc/php.ini

Then we're going to configure PHP, just to change its configuration file.

[Email protected] ~]# Vim/usr/local/php/etc/php.ini

This PHP is ";" as the comment symbol, the shell is used #号, then we commonly used the configuration is probably so much, first of all

Disable_functions =eval,assert,popen.passthru,escapeshellarg,escapeshellcmd,passthru,exec,system,chroot,scandir , Chgrp,chown,escapeshellcrnd,escapeshellarg,shell_exec,proc_get_status,ini_alter,ini_restore,dl,pfsockopen, Openlog,syslog,readlink,symlink,leak,popepassthru,stream_socket_server,popen,proc_open,proc_close

Disable_functions It is empty by default, to disable some of the functions, then we have to disable some high-risk functions for security needs, which are listed above, you can go to the official documents to see what the meaning of

Second configuration: Error log about it, related search key sub/display_error

Display_error=off default is off, if we change it to on, it can be the page is the browser access to the page to display some error message, may wish to cite an example, if you change it to Display_error=on

#apachectl Graceful

And then we deliberately wrote the PHP script wrong.

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/79/38/wKioL1aL1e2xdeRaAABF8rRRBc8330.png "title=" 1.png " alt= "Wkiol1al1e2xderaaabf8rrrbc8330.png"/>

This line of aaaaaaaa in PHP does not seem to recognize anything else, save the exit

We go to the browser refresh to see, there is an error, you can follow the instructions to find out where the script went wrong

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/79/39/wKiom1aL1nyAs1gyAACOUEbsOHY027.png "title=" 2.png " alt= "Wkiom1al1nyas1gyaacouebsohy027.png"/>

Then we change the display_error=on to off in the refresh is a white page, see no error, then this time do not know what is wrong, how to do, the first way to open the Display_error, Of course, you do not know what the situation of the situation to see his status code press F12 flush out error 500, you can curl test, 5,001-like PHP script is a problem, after opening display_error=on means that others can see your error message, So we think of a different way, first put Display_error=off, and then open the PHP error log, Log_error=on, if it is off we change to on, in addition, we go to define the specific Error_log path

Error_log=/usr/local/php/logs/php_error_log

Well, let's see if the path exists.

[Email protected] ~]# ls/usr/local/php/logs/

LS: Unable to access/usr/local/php/logs/: No file or directory

[Email protected] ~]# mkdir/usr/local/php/logs/

[Email protected] ~]# Ls/usr/local/phpp/logs

LS: Unable to access/usr/local/phpp/logs: No file or directory

[Email protected] ~]# chmod 777/usr/local/php/logs/

Without that directory we create one, and then change its permission to 777 because the user of the error log is Apache so we're going to let it be written, and here we're going to configure the format of the log, the level of the third log

error_reporting = E_all & ~e_notice

Save exit, new reload Apache

[Email protected] ~]# ls/usr/local/php/logs/

[Email protected] ~]#!vim

Vim/usr/local/php/etc/php.ini

[Email protected] ~]# apachectl restart

[Email protected] ~]# vim/data/www/forum.php

[Email protected] ~]# apachectl restart

[Email protected] ~]# ls/usr/local/php/logs/

Php_errors.log

[Email protected] ~]# Cat/usr/local/php/logs/php_errors.log

[02-jan-2016 16:05:11 asia/chongqing] PHP Parse error:syntax error, unexpected t_string in/data/www/forum.php on line 11

That in the browser page refresh, although we do not see any information, but we will be under the/usr/local/php/logs/generated PHP_ Error.log has a log produced, we cat a bit, see the error message, this is how to open PHP error log, and do not expose information

In a knowledge point, Open_basedir is also a security option, to give a few columns, we this PHP Apache to visit the site, they go to find a path, we have defined a path, such as/data/www, if the site has some loopholes, let the criminals get some permissions, He can upload Trojan horse, Trojan can get some information on the server, such as can get some directory, file, then this time we should think of a strategy, in order to just in case, we should restrict its permission to die in a certain directory, because our website is under/DATA/WWW. How to do it, just use this option.

Open_basedir=/data/www:/tmp, first to make a wrong display open_basedir=/data/www2:/tmp

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/79/3A/wKiom1aL3RKDBXX4AABFkseay1Q511.png "title=" 3.png " alt= "Wkiom1al3rkdbxx4aabfkseay1q511.png"/>

Save exit, Apache new load, go to the browser to refresh the time is a white page, open F12 is also 500,php can do so Apache for virtual host to do some restrictions, each virtual host a open_basedir, every site, Each domain name uses a open_basedir how to do it configuration is simple

#vim/usr/local/apache2/conf/extra/httpd-vhosts.conf

Php_admin_value Open_basedir "/data/www/:/tmp/"

We can comment out the open_basedir in php.ini, what we need is Apache, the advantage is that we can distinguish between different virtual hosts

This article is from the "Dream On the Ridge" blog, be sure to keep this source http://mengjunlinux.blog.51cto.com/10772888/1731902

PHP.ini configuration file in a detailed