我想将我的家庭服务器放在网上供私人使用(使用 Xammp),所以我需要打开安全模式(我的操作系统是 Windows XP)
因此我将位于 xampp 中的 php 文件夹中的 php.ini 的 congif 更改为如下:
Safe Mode
;
safe_mode = On
; By default, Safe Mode does a UID compare check when
; opening files. If you want to relax this to a GID compare,
; then turn on safe_mode_gid.
safe_mode_gid = On
; When safe_mode is on, UID/GID checks are bypassed when
; including files from this directory and its subdirectories.
; (directory must also be in include_path or full path must
; be used when including)
safe_mode_include_dir =
; When safe_mode is on, only executables located in the safe_mode_exec_dir
; will be allowed to be executed via the exec family of functions.
safe_mode_exec_dir =
; Setting certain environment variables may be a potential security breach.
; This directive contains a comma-delimited list of prefixes. In Safe Mode,
; the user may only alter environment variables whose names begin with the
; prefixes supplied here. By default, users will only be able to set
; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
;
; Note: If this directive is empty, PHP will let the user modify ANY
; environment variable!
safe_mode_allowed_env_vars = PHP_
; This directive contains a comma-delimited list of environment variables that
; the end user won't be able to change using putenv(). These variables will be
; protected even if safe_mode_allowed_env_vars is set to allow to change them.
safe_mode_protected_env_vars = LD_LIBRARY_PATH
但我仍然得到 PHP 没有在“安全模式”下运行,现在我不想在这种情况发生之前将我的服务器上线,有人能告诉我如何纠正这个错误吗?我已经在谷歌上搜索过了,但没有帮助
另外,请建议我在将其发布到网上之前应该采取/更改的任何其他安全措施/配置。
答案1
我只是注意到你没有填写safe_mode_exec_dir,我希望你已经定义了open_basedir。对于多个目录,请务必用分号分隔路径,并用双引号括住整个路径字符串。例如:
safe_mode= 开启safe_mode_exec_dir= “F:\WWW\HTML;F:\batfiles\batch”open_basedir= “F:\WWW\HTML;F:\batfiles\batch”
同样来自 PHP手动的:
安全模式在 PHP 5.3.0 中已弃用,并在 PHP 6.0.0 中被删除。
来自同一来源:
对于 NT(IIS),每个虚拟主机可以从不同的用户帐户运行,因此如果设置了适当的 NTFS 权限,就根本不需要安全模式限制。