5.4.36System => Linux centos6.5-1..."/>
溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶服務(wù)條款》

LAMP搭建17:PHP配置文件php.ini詳解

發(fā)布時(shí)間:2020-07-26 12:35:14 來(lái)源:網(wǎng)絡(luò) 閱讀:1073 作者:Rachy1989 欄目:web開(kāi)發(fā)

PHP主配置文件是/usr/local/php/etc/php.ini:

[root@centos6 ~]# /usr/local/php/bin/php -i |head

phpinfo()

PHP Version => 5.4.36

System => Linux centos6.5-1 2.6.32-431.el6.i686 #1 SMP Fri Nov 22 00:26:36 UTC 2013 i686

Build Date => Jan 14 2017 00:52:17

Configure Command =>  './configure'  '--prefix=/usr/local/php' '--with-apxs2=/usr/local/apache2/bin/apxs' '--with-config-file-path=/usr/local/php/etc' '--with-mysql=/usr/local/mysql' '--with-libxml-dir' '--with-gd' '--with-jpeg-dir' '--with-png-dir' '--with-freetype-dir' '--with-iconv-dir' '--with-zlib-dir' '--with-bz2' '--with-openssl' '--with-mcrypt' '--enable-soap' '--enable-gd-native-ttf' '--enable-mbstring' '--enable-sockets' '--enable-exif' '--disable-ipv6'

Server API => Command Line Interface

Virtual Directory Support => disabled

Configuration File (php.ini) Path => /usr/local/php/etc

Loaded Configuration File => /usr/local/php/etc/php.ini

該配置文件以分號(hào)“;”作為注釋符號(hào),可以使用參數(shù) disable_functions 禁用一些高風(fēng)險(xiǎn)的函數(shù):

[root@centos6 ~]# vim /usr/local/php/etc/php.ini

……

; This directive allows you to disable certain functions for security reasons.

; It receives a comma-delimited list of function names. This directive is

; *NOT* affected by whether Safe Mode is turned On or Off.

; http://php.net/disable-functions

disable_functions = eval,assert,popen,passthrn,escapeshllarg,escapes

hellcmd,passthru,exec,system,chroot,scandir,chgrp,chown,escapeshellc

md,escapeshellarg,shell_exec,proc_get_status,ini_alter,ini_restore,d

l,pfsockopen,openlog,syslog,readlink,syslink,leak,popepassthru,strea

m_socket_server,popen,proc_open,proc_close

可以打開(kāi)display_errors=On(默認(rèn)是Off)在瀏覽器中顯示錯(cuò)誤信息

;   On or stdout = Display errors to STDOUT

; Default Value: On

; Development Value: On

; Production Value: Off

; http://php.net/display-errors

display_errors = On

重新加載配置文件

[root@centos6 ~]# apachectl -t

Syntax OK

[root@centos6 ~]# apachectl graceful

打開(kāi)我們論壇頁(yè)面,人為加點(diǎn)錯(cuò)誤

[root@centos6 ~]# vim /data/www/forum.php

<?php

abcdefgh #來(lái)點(diǎn)錯(cuò)誤

/**

*      [Discuz!] (C)2001-2099 Comsenz Inc.

*      This is NOT a freeware, use is subject to license terms

*

*      $Id: forum.php 33828 2013-08-20 02:29:32Z nemohou $

*/

define('APPTYPEID', 2);

define('CURSCRIPT', 'forum');

……

訪問(wèn)會(huì)出現(xiàn)錯(cuò)誤

LAMP搭建17:PHP配置文件php.ini詳解

display_errors = On改回默認(rèn)值Off

[root@centos6 ~]#  vim /usr/local/php/etc/php.ini

……

;   On or stdout = Display errors to STDOUT

; Default Value: On

; Development Value: On

; Production Value: Off

; http://php.net/display-errors

display_errors = Off

……

[root@centos6 ~]# apachectl -t

Syntax OK

[root@centos6 ~]# apachectl graceful

訪問(wèn)不提示錯(cuò)誤,空白,按F12查看狀態(tài)碼為500

LAMP搭建17:PHP配置文件php.ini詳解

也可以使用curl查看狀態(tài)碼

[root@centos6 ~]# curl -x192.168.147.132:80 www.test.com/forum.php -I

HTTP/1.0 500 Internal Server Error

Date: Sat, 14 Jan 2017 22:40:53 GMT

Server: Apache/2.2.9 (Unix) PHP/5.4.36

X-Powered-By: PHP/5.4.36

Cache-Control: max-age=0

Expires: Sat, 14 Jan 2017 22:40:53 GMT

Connection: close

Content-Type: text/html

我們不可以使用display_errors=On來(lái)再瀏覽器頁(yè)面中查看我們的錯(cuò)誤信息,因?yàn)檫@樣會(huì)把錯(cuò)誤暴露給所有用戶,這很危險(xiǎn)。我們使用log_errors=On(默認(rèn)是打開(kāi)的)來(lái)記錄錯(cuò)誤信息,以供改正。

只需要定義錯(cuò)誤日志存放的位置

[root@centos6 ~]# mkdir /usr/local/php/logs

[root@centos6 ~]# chmod 777 !$

chmod 777 /usr/local/php/logs

定義存放位置:

; Example:

error_log = /usr/local/php/logs/php_errors.log

; Log errors to syslog (Event Log on Windows).

定義錯(cuò)誤日志級(jí)別:

; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED

; Development Value: E_ALL

; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT

; http://php.net/error-reporting

error_reporting = E_ALL & ~E_NOTICE

重新加載配置文件后

[root@centos6 ~]# apachectl -t

Syntax OK

[root@centos6 ~]# apachectl graceful

刷新瀏覽器,會(huì)在我們指定的路徑下生成一個(gè)錯(cuò)誤日志,內(nèi)容跟使用瀏覽器顯示的錯(cuò)誤一樣:

[root@centos6 logs]# ls

php_errors.log

[root@centos6 logs]# cat php_errors.log

[14-Jan-2017 22:47:45 UTC] PHP Parse error:  syntax error, unexpected 'define' (T_STRING) in /data/www/forum.php on line 11

限制用戶只能訪問(wèn)的目錄,以:分割多個(gè)目錄(這里我們?nèi)サ鬴orum.php中的錯(cuò)誤代碼)

[root@centos6 logs]#  vim /usr/local/php/etc/php.ini

; open_basedir, if set, limits all file operations to the defined directory

; and below.  This directive makes most sense if used in a per-directory

; or per-virtualhost web server configuration file. This directive is

; *NOT* affected by whether Safe Mode is turned On or Off.

; http://php.net/open-basedir

open_basedir = /data/www/:/tmp/

[root@centos6 logs]# apachectl -t

Syntax OK

[root@centos6 logs]# apachectl graceful

LAMP搭建17:PHP配置文件php.ini詳解

如果我們限制用戶到一個(gè)錯(cuò)誤的目錄比如www2(不存在):

[root@centos6 logs]#  vim /usr/local/php/etc/php.ini

; open_basedir, if set, limits all file operations to the defined directory

; and below.  This directive makes most sense if used in a per-directory

; or per-virtualhost web server configuration file. This directive is

; *NOT* affected by whether Safe Mode is turned On or Off.

; http://php.net/open-basedir

open_basedir = /data/www2/:/tmp/

[root@centos6 logs]# apachectl -t

Syntax OK

[root@centos6 logs]# apachectl graceful

又不能訪問(wèn)了

LAMP搭建17:PHP配置文件php.ini詳解

從錯(cuò)誤日志中找到原因

[root@centos6 logs]# cat php_errors.log

……

[14-Jan-2017 22:55:07 UTC] PHP Warning:  Unknown: open_basedir restriction in effect. File(/data/www/forum.php) is not within the allowed path(s): (/data/www2/:/tmp/) in Unknown on line 0

……

因此允許訪問(wèn)的目錄范圍一定要限制正確。

如果有多個(gè)虛擬主機(jī),多個(gè)網(wǎng)站,就需要做多個(gè)open_basedir限制,如果使用php.ini配置的話,只能一組目錄,多個(gè)站點(diǎn)無(wú)法指定自己特有的目錄,所以我們使用虛擬主機(jī)配置文件做配置。

先把php.ini里的open_basedir注釋掉

[root@centos6 logs]#  vim /usr/local/php/etc/php.ini

……

; open_basedir, if set, limits all file operations to the defined directory

; and below.  This directive makes most sense if used in a per-directory

; or per-virtualhost web server configuration file. This directive is

; *NOT* affected by whether Safe Mode is turned On or Off.

; http://php.net/open-basedir

;open_basedir = /data/www/:/tmp/

……

我們這里只有一臺(tái)虛擬主機(jī),在其中加入如下內(nèi)容即可,如果有多臺(tái)虛擬主機(jī),每一臺(tái)都可以指定自己的目錄

[root@centos6 logs]# vim /usr/local/apache2/conf/extra/httpd-vhosts.conf

……

<VirtualHost *:80>

#    ServerAdmin webmaster@dummy-host2.example.com

DocumentRoot "/data/www"

ServerName www.test.com

ServerAlias www.aaa.com

ServerAlias www.bbb.com

 php_admin_value open_basedir "/data/www/:/tmp/"

<Directory "/data/www">

AllowOverride None

Options None

……

[root@centos6 logs]# apachectl -t

Syntax OK

[root@centos6 logs]# apachectl graceful


向AI問(wèn)一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI