在php.ini檔案中使用如下
safe_mode = On (使用安全模式)
safe_mode = Off (關閉安全模式)
在apache的httpd.conf中VirtualHost的相應設定方法
php_admin_flag safe_mode On (使用安全模式)
php_admin_flag safe_mode Off (關閉安全模式)
或者:
php_admin_value safe_mode 1 (使用安全模式)
php_admin_value safe_mode 0 (關閉安全模式)
(2) safe_mode_include_dir: 無需UID/GID檢查的目錄;
(3) open_basedir: 將使用者可操作的檔案限制在某目錄下;
a、在Apache的httpd.conf中Directory的相應設定方法:
php_admin_value open_basedir /usr/local/apache/htdocs/:/tmp/
b、在php.ini中設定open_basedir = .:/tmp/, 這個設定表示允許
訪問目前的目錄(即PHP檔案所在目錄)和/tmp/目錄。
(4) disable_functions:設定禁用函數;
典型的安全性配置
disable_functions = shell_exec,system,exec,passthru,show_source,get_cfg_var,dl
若允許使用者偵錯工具,則配置如下:
disable_functions = shell_exec,system,exec,passthru
(5) register_globals: 禁止註冊全域變數;
register_globals = On (自動註冊為全域變數)
register_globals = Off (不可註冊為全域變數)
(6) magic_quotes_gpc: 令敏感字元轉義
magic_quotes_gpc = On
magic_quotes_gpc = Off
在Apache的httpd.conf中VirtualHost的相應設定方法:
php_admin_flag magic_quotes_gpc on
或者:
php_admin_value magic_quotes_gpc 1
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
