如何放宽 PHP 的 open_basedir 限制?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/223800/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I relax PHP's open_basedir restriction?
提问by isuldor
open_basedirlimits the files that can be opened by PHP within a directory-tree.
open_basedir限制了 PHP 在目录树中可以打开的文件。
I am storing several class libraries and configuration files outside of my web root directory. This way the web server does not make them publicly accessible. However when I try to include them from my application I get an open_basedir restriction error like this:
我在我的 web 根目录之外存储了几个类库和配置文件。通过这种方式,Web 服务器不会使它们可公开访问。但是,当我尝试从我的应用程序中包含它们时,我收到如下 open_basedir 限制错误:
Warning: realpath() [function.realpath]: open_basedir restriction in effect. File(/var/www/vhosts/domain.tld/zend/application) is not within the allowed path(s): (/var/www/vhosts/domain.tld/httpdocs:/tmp) in /var/www/vhosts/domain.tld/httpdocs/index.php on line 5
警告:realpath() [function.realpath]:open_basedir 限制生效。文件(/var/www/vhosts/domain.tld/zend/application)不在允许的路径内:(/var/www/vhosts/domain.tld/httpdocs:/tmp)在/var/www/第 5 行的 vhosts/domain.tld/httpdocs/index.php
My web root is here:
我的网络根在这里:
/var/www/vhosts/domain.tld/httpdocs
My libraries and configuration directory are here:
我的库和配置目录在这里:
/var/www/vhosts/domain.tld/zend
What would be the best workaround to relax the open_basedir restriction so that the the directory tree under the domain folder becomes available to my application? I have a number of domains that I want to do this with, and I'm also obviously wary of creating security vulnerabilities.
放宽 open_basedir 限制以便域文件夹下的目录树可用于我的应用程序的最佳解决方法是什么?我有许多域想要这样做,而且我显然也担心会产生安全漏洞。
Note: I am using CentOS, Apache, Plesk, and I have root ssh access to the server. And though this doesn't apply to Zend Framework directly, I am using it in this instance. So here is the inclusion from Zend's bootstrap:
注意:我使用的是 CentOS、Apache、Plesk,并且我拥有对服务器的 root ssh 访问权限。虽然这并不直接适用于 Zend Framework,但我在本例中使用了它。所以这里是 Zend 引导程序的内容:
define('APPLICATION_PATH', realpath(dirname(__FILE__) . '/../zend/application/'));
set_include_path(APPLICATION_PATH . '/../zend/library' . PATH_SEPARATOR . get_include_path());
采纳答案by Tom Haigh
You can also do this easily on a per-directory basis using the Apache (assuming this is your web server) configuration file (e.g. httpd.conf)
您还可以使用 Apache(假设这是您的 Web 服务器)配置文件(例如 httpd.conf)在每个目录的基础上轻松完成此操作
<Directory /var/www/vhosts/domain.tld/httpdocs>
php_admin_value open_basedir "/var/www/vhosts/domain.tld/httpdocs:/var/www/vhosts/domain.tld/zend"
</Directory>
you can also completely remove the restriction with
你也可以完全取消限制
<Directory /var/www/vhosts/domain.tld/httpdocs>
php_admin_value open_basedir none
</Directory>
回答by user27987
add the paths you need to access to (/var/www/vhosts/domain.tld/zend) to your open_basedir directive (you can specify several paths using the path separator ':' or ';' in windows)
将您需要访问的路径 (/var/www/vhosts/domain.tld/zend) 添加到您的 open_basedir 指令(您可以在 Windows 中使用路径分隔符 ':' 或 ';' 指定多个路径)
note that the values in the open_basedir are prefixes, which means that anything under the /var/www/vhosts/domain.tld/zend will be accessible
请注意 open_basedir 中的值是前缀,这意味着 /var/www/vhosts/domain.tld/zend 下的任何内容都可以访问
回答by Igor Parra
In Parallels Plesk Panel (e.g. 1and1) you can do it in the PHP panel settings:
在 Parallels Plesk Panel(例如 1and1)中,您可以在 PHP 面板设置中进行设置:
here:
这里:
