Windows下处理apache虚拟主机的权限:
1、开启安全模式,可以禁用exec()、system()等函数。
2、在httpd.conf中用php_admin_value open_basedir限制PHP的存取目录。
3、在php_admin_value open_basedir别忘了加上php.ini中指定的PHP临时上传目录和session保存目录,不然会无法上传文件、存取session。
php.ini中按如下配置:
upload_tmp_dir = "E:/APMServ5.2.0/PHP/uploadtemp/"
session.save_path = "E:/APMServ5.2.0/PHP/sessiondata/"
4、Apache2.0配置示例:
<VirtualHost *:80>
ServerName www.awzsr.com
DocumentRoot "E:/awzsr.com"
Options FollowSymLinks IncludesNOEXEC Indexes
DirectoryIndex index.html index.htm default.htm index.php default.php
AllowOverride None
Order Deny,Allow
Allow from all
php_admin_value open_basedir "E:/awzsr.com/;E:/APMServ5.2.0/PHP/uploadtemp/;E:/APMServ5.2.0/PHP/sessiondata/"
#php_admin_value safe_mode_exec_dir "E:/awzsr.com/"
php_admin_value safe_mode On
</VirtualHost>
Apache2.2配置示例:
<VirtualHost *:80>
ServerName www.awzsr.com
DocumentRoot "E:/awzsr.com"
</VirtualHost>
<Directory "E:/smis">
Options FollowSymLinks IncludesNOEXEC Indexes
DirectoryIndex index.html index.htm default.htm index.php default.php
AllowOverride None
Order Deny,Allow
Allow from all
php_admin_value open_basedir "E:/awzsr.com/;E:/APMServ5.2.0/PHP/uploadtemp/;E:/APMServ5.2.0/PHP/sessiondata/"
#php_admin_value safe_mode_exec_dir "E:/awzsr.com/"
php_admin_value safe_mode On
</Directory>
补充:php_admin_value open_basedir 开启限定到目录的话,curl将不能使用。
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host2.localhost
ServerName a.l
ServerAlias a.l *.a.l
DocumentRoot "C:/www/"
ErrorLog "logs/dummy-hyhtd.l-error.log"
CustomLog "logs/dummy-hyhtd.l-access.log" common
php_admin_value open_basedir "C:/www/"
php_admin_value safe_mode On
<Directory "C:/www/">
DirectoryIndex index.php
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>