禁用可执行code上的Apache服务器的一个子域(CGI / SSI / PHP /等)。 [英] Disabling executable code (CGI/SSI/PHP/etc.) on a sub-domain of an Apache server
问题描述
我最近一直在负责打开一个小规模的网站,允许受信任的用户从他们的本地磁盘客场上传和存储文件进行备份的一个子域。一般情况下,这个新的子域将被用于存储静态为主Office的文档类型(例如,Microsoft / OpenOffice的文档,PDF,纯文本文件等)。
I have recently been tasked with opening a sub-domain of a small-scale website that allows trusted users to upload and store files as backups away from their local disks. In general, this new sub-domain will be used to store mainly static Office-type documents (e.g. Microsoft/OpenOffice documents, PDFs, plain text files etc).
我要确保有一个没有机会(或现实的,因为很少有机会在物理上可能的)一个天真的用户无意中上传潜在致命的文件,例如一些讨厌的PHP脚本。理想情况下,我想关闭PHP和其他任何可能存在安全风险(CGI程序,服务器端包含等)。
I want to ensure that there is a no chance (or realistically, as little chance as physically possible) of a naïve user inadvertently uploading a potentially fatal file, e.g. some nasty PHP script. Ideally, I would like to close down PHP and anything else that could be a security risk (CGI processes, Server-Side Includes etc).
我只是想知道,如果的堆栈溢出的社区可以帮助回答以下问题:什么是关闭与动态/可执行$处理所有类型的文件/进程的最佳途径C $ C,所以在效果子域名无非是一个基本的静态文件服务器的更多?
I was just wondering if the Stack Overflow community could help to answer the following question: What is the best way of shutting down all file types/processes that deal with dynamic/executable code, so in effect the the sub-domain is nothing more than a basic static file server?
我已经对谷歌使用不同的关键字/短语的样子,但我似乎无法找到一个很好的参考,以使得一个子域安全,因为它可以从权威的共享服务器的级别有人做。
I have had a look on Google using various keywords/phrases, but I cannot seem to find a good reference to making a sub-domain "safe" as it is possible to do from somebody with a shared server's level of authority.
该网站在Apache 2.2运行在一个典型的LAMP架构,并托管在第三方共享服务器。
The website runs on Apache 2.2 on a typical LAMP architecture, and is hosted on a third party shared server.
我DO 访问:
-
的.htaccess
(目录级别具有典型的权限/限制) -
的php.ini
和.user.ini
(目录级别具有典型的权限/限制) - 控制面板软件与一些相当慷慨的选项和功能(的cPanel X )
- 相当灵活的Web主机了一个良好的技术支持服务
.htaccess
(directory level with typical privileges/restrictions)php.ini
and.user.ini
(directory level with typical privileges/restrictions)- control panel software with some fairly generous options and features (cPanel X)
- fairly flexible web hosts with an excellent tech support service
我不要访问:
- root访问权限(显然!)
-
的httpd.conf
-
的php.ini
(应用程序服务器级别) -
mysql.cnf
- root access (obviously!)
httpd.conf
php.ini
(application server level)mysql.cnf
请记住,我没有足够的资源来只投资于一个文件服务器或外包给第三方服务。此外,该服务器是不会在一个CDN意义上被使用,因此性能是不是一个真正的问题。
Please bear in mind that I do not have the resources to just invest in a file server or outsource it to a third-party service. Also, this server is not going to be used in a CDN sense, so performance is not really an issue.
(另外,我不知道是什么,可客户端脚本,例如JavaScript的/ VBScript中来完成,但是任何建议将受到欢迎。)
(Also, I don't know what can be done about client-side scripts, e.g. JavaScript/VBScript, but any suggestions would be welcome.)
在此先感谢!
推荐答案
简单。不提供这些文件的直接访问。通过PHP脚本运行一切,这提供了内容为应用程序/八位字节流
。例如
Simple. Don't provide direct access to the files. Run EVERYTHING through a PHP script, which serves up the content as application/octet-stream
. e.g.
<?php
$id = $_GET['id'];
$data = get_file_details_from_database($id);
if (user_is_allowed_to_access($id)) {
header('Content-type: application/octet-stream');
readfile($data['path_to_file_on_server']);
}
通过这个不要紧,在所有他们上传什么样的文件 - 它决不会通过直接直接访问 http://example.com/nastyfile.php
型URL。如果你将文件存储只使用其内部ID号的驱动器上,而不是他们的用户提供的文件名,你获得更高的安全性。一个网络服务器可能会试图执行 nastyscript.php
,但如果它只是 12345
的驱动器上,服务器将不会知道用它做。
With this it doesn't matter AT ALL what kind of file they upload - it will never be directly accessible via a direct http://example.com/nastyfile.php
-type URL. And if you store the files on the drive using only their internal ID number, and not their user-provided filename, you gain even more security. A webserver might try to execute nastyscript.php
, but if it's just 12345
on the drive, the server won't know what to do with it.
这篇关于禁用可执行code上的Apache服务器的一个子域(CGI / SSI / PHP /等)。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!