我怎么能放松PHP的open_basedir的限制? [英] How can I relax PHP's open_basedir restriction?
问题描述
open_basedir的限制可以由PHP目录树中打开的文件。
我存储多级库和配置文件我的网站根目录之外。这样,Web服务器并不能让他们公开访问。然而,当我试图从我的应用程序包括他们,我得到了open_basedir限制,错误是这样的:
警告:真实路径()
[function.realpath]:open_basedir的
限制生效。
文件(/var/www/vhosts/domain.tld/zend/application)
不在允许路径(多个)内:
(/var/www/vhosts/domain.tld/httpdocs:/tmp)
在
/var/www/vhosts/domain.tld/httpdocs/index.php
第5行
块引用>我的Web根目录是在这里:
/var/www/vhosts/domain.tld/httpdocs
我的库和配置目录的位置:
/var/www/vhosts/domain.tld/zend
什么是放松的open_basedir限制,让域文件夹下的目录树可用到我的应用程序的最佳解决方法吗?我有一个数字,我想做到这一点域的,我也明显警惕创造安全漏洞的。
请注意:我使用CentOS的,阿帕奇,的Plesk,我有服务器根SSH访问。虽然这并不直接适用于Zend框架,我在这种情况下使用它。因此,这里是来自Zend的引导包含:
定义('APPLICATION_PATH',真实路径(目录名(__ FILE__)/../zend/application/'));
set_include_path(。APPLICATION_PATH/../zend/libraryPATH_SEPARATOR get_include_path());
解决方案您也可以在使用Apache(假设这是你的Web服务器)配置文件(例如httpd.conf)每个目录的基础上做到这一点很容易p>
<目录/var/www/vhosts/domain.tld/httpdocs>
php_admin_value open_basedir的/var/www/vhosts/domain.tld/httpdocs:/var/www/vhosts/domain.tld/zend
< /目录>您也可以完全删除限制
<目录/var/www/vhosts/domain.tld/httpdocs>
php_admin_value open_basedir的无
< /目录>open_basedir limits the files that can be opened by PHP within a directory-tree.
I am storing several class libraries and configuration files outside of my web root directory. This way the web server does not make them publicly accessible. However when I try to include them from my application I get an open_basedir restriction error like this:
Warning: realpath() [function.realpath]: open_basedir restriction in effect. File(/var/www/vhosts/domain.tld/zend/application) is not within the allowed path(s): (/var/www/vhosts/domain.tld/httpdocs:/tmp) in /var/www/vhosts/domain.tld/httpdocs/index.php on line 5
My web root is here:
/var/www/vhosts/domain.tld/httpdocs
My libraries and configuration directory are here:
/var/www/vhosts/domain.tld/zend
What would be the best workaround to relax the open_basedir restriction so that the the directory tree under the domain folder becomes available to my application? I have a number of domains that I want to do this with, and I'm also obviously wary of creating security vulnerabilities.
Note: I am using CentOS, Apache, Plesk, and I have root ssh access to the server. And though this doesn't apply to Zend Framework directly, I am using it in this instance. So here is the inclusion from Zend's bootstrap:
define('APPLICATION_PATH', realpath(dirname(__FILE__) . '/../zend/application/')); set_include_path(APPLICATION_PATH . '/../zend/library' . PATH_SEPARATOR . get_include_path());
解决方案You can also do this easily on a per-directory basis using the Apache (assuming this is your web server) configuration file (e.g. httpd.conf)
<Directory /var/www/vhosts/domain.tld/httpdocs> php_admin_value open_basedir "/var/www/vhosts/domain.tld/httpdocs:/var/www/vhosts/domain.tld/zend" </Directory>
you can also completely remove the restriction with
<Directory /var/www/vhosts/domain.tld/httpdocs> php_admin_value open_basedir none </Directory>
这篇关于我怎么能放松PHP的open_basedir的限制?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!