1.防止跳出web目錄
首先修改httpd.conf,如果你只允許你的PHP指令碼程式在web目錄裡操作,還可以修改httpd.conf檔案限制PHP的操作路徑。比如你的web目錄是/usr/local/apache/htdoCS,那麼在httpd.conf裡加上這麼幾行:
PHP_admin_value open_basedir /usr/local/apache/htdoCS
這樣,如果指令碼要讀取/usr/local/apache/htdoCS以外的檔案將不會被允許,如果錯誤顯示開啟的話會提示這樣的錯誤:
Warning: open_basedir restriction in effect. File is in wrong directory in
/usr/local/apache/htdoCS/open.PHP on line 4
等等。
2.防止PHP木馬執行webshell
開啟safe_mode,
在,PHP.ini中設定
disable_functions= passthru,exec,shell_exec,system
二者選一即可,也可都選
3.防止PHP木馬讀寫檔案目錄
在PHP.ini中的
disable_functions= passthru,exec,shell_exec,system
後面加上PHP處理檔案的函數
主要有
fopen,mkdir,rmdir,chmod,unlink,dir
fopen,fread,fclose,fwrite,file_exists
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
