php安全配置
PHP 4.1~5.4,需要关闭register_globals
关闭错误显示
范例
System |
Linux 98.199-245-23.rdns.scalabledns.com 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 |
Build Date |
Sep 21 2017 15:58:23 |
Configure Command |
‘./configure’ ‘–prefix=/usr/local/php’ ‘–with-config-file-path=/usr/local/php/etc’ ‘–enable-fpm’ ‘–with-fpm-user=www’ ‘–with-fpm-group=www’ ‘–with-mysql=mysqlnd’ ‘–with-mysqli=mysqlnd’ ‘–with-pdo-mysql=mysqlnd’ ‘–with-iconv-dir’ ‘–with-freetype-dir=/usr/local/freetype’ ‘–with-jpeg-dir’ ‘–with-png-dir’ ‘–with-zlib’ ‘–with-libxml-dir=/usr’ ‘–enable-xml’ ‘–disable-rpath’ ‘–enable-bcmath’ ‘–enable-shmop’ ‘–enable-sysvsem’ ‘–enable-inline-optimization’ ‘–with-curl’ ‘–enable-mbregex’ ‘–enable-mbstring’ ‘–with-mcrypt’ ‘–enable-ftp’ ‘–with-gd’ ‘–enable-gd-native-ttf’ ‘–with-openssl’ ‘–with-mhash’ ‘–enable-pcntl’ ‘–enable-sockets’ ‘–with-xmlrpc’ ‘–enable-zip’ ‘–enable-soap’ ‘–with-gettext’ ‘–disable-fileinfo’ |
Server API |
FPM/FastCGI |
Virtual Directory Support |
disabled |
Configuration File (php.ini) Path |
/usr/local/php/etc |
Loaded Configuration File |
/usr/local/php/etc/php.ini |
Scan this dir for additional .ini files |
(none) |
Additional .ini files parsed |
(none) |
PHP API |
20100412 |
PHP Extension |
20100525 |
Zend Extension |
220100525 |
Zend Extension Build |
API220100525,NTS |
PHP Extension Build |
API20100525,NTS |
Debug Build |
no |
Thread Safety |
disabled |
Zend Signal Handling |
disabled |
Zend Memory Manager |
enabled |
Zend Multibyte Support |
provided by mbstring |
IPv6 Support |
enabled |
DTrace Support |
disabled |
Registered PHP Streams |
https, ftps, compress.zlib, php, file, glob, data, http, ftp, phar, zip |
Registered Stream Socket Transports |
tcp, udp, unix, udg, ssl, sslv3, sslv2, tls |
Registered Stream Filters |
zlib., convert.iconv., mcrypt., mdecrypt., string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, dechunk |
Configuration
Directive |
Local Value |
Master Value |
bcmath.scale |
0 |
0 |
Directive |
Local Value |
Master Value |
cgi.discard_path |
0 |
0 |
cgi.fix_pathinfo |
0 |
0 |
cgi.force_redirect |
1 |
1 |
cgi.nph |
0 |
0 |
cgi.redirect_status_env |
no value |
no value |
cgi.rfc2616_headers |
0 |
0 |
fastcgi.error_header |
no value |
no value |
fastcgi.logging |
1 |
1 |
fpm.config |
no value |
no value |
Directive |
Local Value |
Master Value |
allow_url_fopen |
On |
On |
allow_url_include |
Off |
Off |
always_populate_raw_post_data |
Off |
Off |
arg_separator.input |
& |
& |
arg_separator.output |
& |
& |
asp_tags |
Off |
Off |
auto_append_file |
no value |
no value |
auto_globals_jit |
On |
On |
auto_prepend_file |
no value |
no value |
browscap |
no value |
no value |
default_charset |
no value |
no value |
default_mimetype |
text/html |
text/html |
disable_classes |
no value |
no value |
disable_functions |
passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,popen,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server |
passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,popen,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server |
display_errors |
Off |
Off |
display_startup_errors |
Off |
Off |
doc_root |
no value |
no value |
docref_ext |
no value |
no value |
docref_root |
no value |
no value |
enable_dl |
Off |
Off |
enable_post_data_reading |
On |
On |
error_append_string |
no value |
no value |
error_log |
no value |
no value |
error_prepend_string |
no value |
no value |
error_reporting |
22527 |
22527 |
exit_on_timeout |
Off |
Off |
expose_php |
On |
On |
extension_dir |
/usr/local/php/lib/php/extensions/no-debug-non-zts-20100525 |
/usr/local/php/lib/php/extensions/no-debug-non-zts-20100525 |
file_uploads |
On |
On |
highlight.c |