2015-02-03

APACHE & PHP Basic Security Settings

.htaccess
http://www.socss.cn/2011/php_0902/167.html

php.ini
http://jamesbond0479.blog.163.com/blog/static/241475820115231759458/

For PHP in a production environment, some additional security measures are recommended:
enable_dl = Off
disable_functions = exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl,popen,show_source

If you are setting up virtual hosting, you need a longer function list:
disable_functions = escapeshellarg, escapeshellcmd, exec, passthru, proc_close, proc_get_status, proc_open, proc_nice, proc_terminate, shell_exec, system, ini_restore, popen, dl, disk_free_space, diskfreespace, set_time_limit, tmpfile, fopen, readfile, fpassthru, fsockopen, mail, ini_alter, highlight_file, openlog, show_source, symlink, apache_child_terminate, apache_get_modules, apache_get_version, apache_getenv, apache_note,apache_setenv, parse_ini_file
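
To check that a deployed php.ini actually carries the production settings listed above, the following added example (not part of the original post) parses php.ini text and reports which baseline functions are still enabled. The function names `effective_directives` and `audit` and the sample file are constructed for illustration; the parser assumes a later `disable_functions` line replaces an earlier one rather than extending it.

```python
# Added example: audit php.ini text against the page's production baseline.
BASELINE = set("exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,"
               "proc_close,proc_open,dl,popen,show_source".split(","))
OFF_VALUES = {"off", "0", "false", "no", "none", ""}

# Constructed sample, not taken from a real server.
SAMPLE_INI = """\
[PHP]
enable_dl = On
disable_functions = exec, system , passthru,shell_exec
; a second assignment further down the file replaces the first one
disable_functions = exec,system,popen
"""

def effective_directives(ini_text):
    """Parse simple `name = value` lines; a later assignment replaces an earlier one."""
    values = {}
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop ';' comments (quoted ';' not handled)
        if not line or line.startswith("[") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        values[name.strip()] = value.strip().strip('"')  # directive names are case sensitive
    return values

def audit(ini_text, baseline=BASELINE):
    """Return whether enable_dl is off and which baseline functions are not disabled."""
    d = effective_directives(ini_text)
    # Function names are lowercased for comparison (a choice made by this example).
    disabled = {f.strip().lower()
                for f in d.get("disable_functions", "").split(",") if f.strip()}
    return {
        # An absent enable_dl is reported as not hardened, so it must be set explicitly.
        "enable_dl_off": d.get("enable_dl", "unset").lower() in OFF_VALUES,
        "missing": sorted(baseline - disabled),
    }

if __name__ == "__main__":
    print(audit(SAMPLE_INI))
```

The sample shows the common mistake of a second `disable_functions` line silently dropping entries from the first; the audit reports against the effective (last) value.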
