(1) Turn on the safe mode of php
The safe mode of php is a very important built-in security mechanism, which can control some functions in php, such as system(),
At the same time, it also controls the permissions of many file operation functions. , and also does not allow certain key files, such as /etc/passwd,
But the default php.ini does not turn on the safe mode, we turn it on:
safe_mode = on
(2) User Group Security
When safe_mode is turned on and safe_mode_gid is turned off, the php script can access the file, and users in the same
group can also access the file.
It is recommended to set it to:
safe_mode_gid = off
If it is not set, we may not be able to operate the files in the directory of our server website, such as when we need to
operate files.
(3) Home directory for executing programs in safe mode
If safe mode is turned on but you want to execute certain programs, you can specify the home directory for executing programs:
safe_mode_exec_dir = D:/usr/bin
Generally, there is no need to execute any program, so it is recommended not to execute the system program directory. You can point to a directory,
Then copy the program that needs to be executed, for example:
safe_mode_exec_dir = D:/tmp/cmd
However, I recommend not to execute any program, then you can point to our web page directory:
safe_mode_exec_dir = D:/usr/www
(4) Include files in safe mode
If you want to include certain files in safe mode Public files, then modify the options:
safe_mode_include_dir = D:/usr/www/include/
In fact, generally the files included in php scripts have been written in the program itself. This can be set according to specific needs.
(5) Control the directories that php scripts can access
Use the open_basedir option to control that PHP scripts can only access specified directories. This can prevent PHP scripts from accessing files that
should not access, and limits the harm of phpshell to a certain extent. , we can generally set it to only access the website directory:
open_basedir = D:/usr/www
(6) Turn off dangerous functions
If the safe mode is turned on, then function ban is not necessary, but for our sake Safety should be considered. For example,
We feel that we do not want to execute php functions including system() that can execute commands, or
phpinfo() and other functions that can view php information, then we can disable them:
disable_functions = system ,passthru,exec,shell_exec,popen,phpinfo
If you want to prohibit any file and directory operations, you can close many file operations
disable_functions = chdir,chroot,dir,getcwd,opendir,readdir,scandir,fopen,unlink ,delete,copy,mkdir, rmdir,rename,file,file_get_contents,fputs,fwrite,chgrp,chmod,chown
The above are just some of the commonly used file processing functions. You can also combine the above execution command function with this function Combined,
can resist most phpshells.
(7) Turn off the leakage of PHP version information in the http header
In order to prevent hackers from obtaining the php version information in the server, we can turn off the information in the http header:
expose_php = Off
For example, hackers use telnet When www.shilicn.com is 80, you will not be able to see PHP information.
(8) Turn off registering global variables
Variables submitted in PHP, including variables submitted using POST or GET, will be automatically registered as global variables and can be accessed directly.
This is very unsafe for the server. So we can’t let it be registered as a global variable, so we turn off the register global variable option:
register_globals = Off
Of course, if it is set like this, then we must use reasonable methods to obtain the corresponding variables, such as obtaining the variables submitted by GET var,
then use $_GET['var'] to obtain it. PHP programmers should pay attention to this.
(9) Turn on magic_quotes_gpc to prevent SQL injection
SQL injection is a very dangerous problem. It can cause the website backend to be invaded, or the entire server to fall.
So be careful. There is a setting in php.ini:
magic_quotes_gpc = Off
This is off by default. If it is turned on, it will automatically convert user-submitted SQL queries,
For example, convert ' to ', etc., which will prevent SQL injection plays a major role. So we recommend setting it to:
magic_quotes_gpc = On
(10) Error message control
Generally, php will prompt an error when it is not connected to the database or under other circumstances. Generally, the error message will contain the php script when
The previous path information or the query SQL statement and other information are not safe after this type of information is provided to hackers, so it is generally recommended for servers to disable error prompts:
display_errors = Off
If you want to display error messages, Be sure to set the level of display errors, such as only displaying information above warnings:
error_reporting = E_WARNING & E_ERROR
Of course, I still recommend turning off error prompts.
(11) Error log
It is recommended to record the error information after turning off display_errors, so as to find the reason for the server operation:
log_errors = On
At the same time, it is also necessary to set the directory where the error log is stored. It is recommended to root the apache log Exist together:
error_log = D:/usr/local/apache2/logs/php_error.log
Note: The file must allow the apache user and group to have write permissions.
MYSQL running with reduced privileges
Create a new user such as mysqlstart
net user mysqlstart ****microsoft /add
net localgroup users mysqlstart /del
Does not belong to any group
If MYSQL is installed in d:mysql , then, give mysqlstart full control permission
Then set the MYSQL service properties in the system service. In the login properties, select this user mysqlstart and enter the password, OK.
Restart the MYSQL service, and then MYSQL will run with low privileges.
If the apache is built on the windos platform, we need to pay attention to one thing. By default, apache runs with system permissions.
This is scary and makes people feel very uncomfortable. Then let’s lower the permissions of apache.
net user apache ****microsoft /add
net localgroup users apache /del
ok. We created a user apche that does not belong to any group.
We open the computer manager, select services, click on the properties of the apache service, we select log on, select this account, we fill in the account and password created above,
Restart the apache service, ok, apache is running with low privileges Got off.
In fact, we can also set the permissions of each folder so that the apache user can only perform what we want it to do, and create a separate read-write user for each directory.
This is also a popular configuration method used by many virtual host providers. However, this method is overkill when used to prevent this. (http://www.65066.com.cn)
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
