
[Other] nginx+php security hardening configuration

Posted on 8/22/2017 12:12:59 PM
By default, PHP can access files across directories, so it needs to be restricted, with a separate limit for each virtual host.
The setting for this is open_basedir. A small trick is needed here to restrict each virtual host individually.

This confines each web host to its own website directory and the tmp directory, so it cannot traverse into other directories.

The per-site nginx configuration file is as follows:
(If a site needs additional directories set up separately, write the above code at the "include fastcgi.conf;" line, and the settings in fastcgi.conf will be overridden.)



If you set it globally, you don't need to set up each site individually. The configuration is as follows:

Add to the nginx configuration file:


The nginx site configuration files usually contain "include fastcgi.conf;". In that case, just add this line to fastcgi.conf.


After the above methods are completed, you need to restart the nginx service.
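
An added example of the per-site and global settings described above; it is not the original post's own configuration. The host name, site directory and PHP-FPM socket path are assumptions, as is placing the per-site line after the include; PHP_ADMIN_VALUE is the FastCGI parameter PHP-FPM reads for admin-level ini settings.

```nginx
# Added example, not the original post's configuration.
# Assumed names: example.com, /var/www/example.com, the PHP-FPM socket path.

# --- Per-site: the site's own server block ---
server {
    listen 80;
    server_name example.com;                 # assumed host name
    root /var/www/example.com;               # assumed site directory
    index index.php;

    location ~ \.php$ {
        include fastcgi.conf;

        # Per-site limit, written together with the include line
        # (placing it after the include is this example's assumption).
        # PHP-FPM applies PHP_ADMIN_VALUE like php_admin_value, so a script
        # cannot loosen it with ini_set().
        # Keep the trailing slashes: without one, open_basedir treats the
        # path as a prefix, and /var/www/example.com would also match
        # /var/www/example.com.bak.
        fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root/:/tmp/";

        fastcgi_pass unix:/run/php/php-fpm.sock;   # assumed socket path
    }
}

# --- Global: one line appended to fastcgi.conf ---
# Each site that includes fastcgi.conf is then confined to its own
# $document_root and /tmp/ without any per-site setting:
#
# fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root/:/tmp/";
#
# nginx inherits fastcgi_param lines from an outer level only when the
# current level defines none of its own, so keep this line in the file
# that the PHP location actually includes.
```

Check the syntax with `nginx -t` before restarting the service.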


The recommended functions to disable are as follows:
disable_functions = pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, eval, popen, passthru, exec, system, shell_exec, proc_open, proc_get_status, chroot, chgrp, chown, ini_alter, ini_restore, dl, pfsockopen, openlog, syslog, readlink, symlink, popepassthru, stream_socket_server, fsocket, chdir








