LNMP architecture: setting the open_basedir parameter

open_basedir restricts PHP to working inside the specified directories.


Relevant configuration

[root@dl-001 etc]# vim /usr/local/php-fpm/etc/php-fpm.d/test.conf 
# Add the following line
php_admin_value[open_basedir]=/data/www/test.com:/tmp/

Testing the effect

First, test how a PHP script behaves when the setting is wrong

[root@dl-001 etc]# vim /usr/local/php-fpm/etc/php-fpm.d/test.conf 
# Deliberately misspell the site in the added line as aaa.com
php_admin_value[open_basedir]=/data/www/aaa.com:/tmp/

Restart the php-fpm service

[root@dl-001 etc]# /usr/local/php-fpm/sbin/php-fpm -t
[09-Jan-2018 18:35:50] NOTICE: configuration file /usr/local/php-fpm/etc/php-fpm.conf test is successful

[root@dl-001 etc]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm  done

Test access to the page with curl

# open_basedir is now in effect and points at the wrong directory, so the page cannot be accessed
[root@dl-001 etc]# curl -x 127.0.0.1:80 test.com/test.php -I
HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Tue, 09 Jan 2018 10:38:45 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.30

Verify after correcting the setting

[root@dl-001 etc]# vim /usr/local/php-fpm/etc/php-fpm.d/test.conf 
# Change the misspelled line back to the correct value
php_admin_value[open_basedir]=/data/www/test.com:/tmp/

Restart the service and verify

[root@dl-001 etc]# /usr/local/php-fpm/sbin/php-fpm -t
[09-Jan-2018 18:39:10] NOTICE: configuration file /usr/local/php-fpm/etc/php-fpm.conf test is successful

[root@dl-001 etc]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm  done

# Access succeeds
[root@dl-001 etc]# curl -x 127.0.0.1:80 test.com/test.php -I
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 09 Jan 2018 10:39:20 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.30

PHP error log settings

Edit the php.ini configuration file and turn off the display_errors parameter

# Do not show error messages in the browser
display_errors = Off

# Enable error logging
log_errors = On
# Set the log file path
error_log = /usr/local/php-fpm/var/log/php_errors.log
# Set the error reporting level
error_reporting = E_ALL

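To make sure the error log can be created and written to, it is best to create it in advance and grant permissions on it. Mode 777 as used below makes the log world-writable; giving ownership of the file to the user the php-fpm pool runs as, with a tighter mode, lets PHP write to it as well.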

[root@dl-001 etc]# touch /usr/local/php-fpm/var/log/php_errors.log
[root@dl-001 etc]# chmod 777 /usr/local/php-fpm/var/log/php_errors.log 

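To produce an error message, first deliberately break the configuration by setting open_basedir in test.conf to the wrong site again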

php_admin_value[open_basedir]=/data/www/aaa.com:/tmp/

Request the page; the resulting error information is as follows

[root@dl-001 etc]# curl -x 127.0.0.1:80 test.com/test.php -I
HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Tue, 09 Jan 2018 10:52:01 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.30

# The log states explicitly that the requested file is not within the allowed paths (the aaa.com site directory)
[root@dl-001 etc]# cat /usr/local/php-fpm/var/log/php_errors.log 
[09-Jan-2018 10:52:01 UTC] PHP Warning:  Unknown: open_basedir restriction in effect. File(/data/www/test.com/test.php) is not within the allowed path(s): (/data/www/aaa.com:/tmp/) in Unknown on line 0
[09-Jan-2018 10:52:01 UTC] PHP Warning:  Unknown: failed to open stream: Operation not permitted in Unknown on line 0

After correcting the setting, check the log again (the PHP file has now been parsed)

[root@dl-001 etc]# cat /usr/local/php-fpm/var/log/php_errors.log 
...
[09-Jan-2018 10:53:18 UTC] PHP Warning:  phpinfo(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /data/www/test.com/test.php on line 2
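
The open_basedir warnings in php_errors.log can be triaged automatically. The following is an added example, not part of the original post: it separates denials caused by a wrong open_basedir value (the aaa.com typo above) from denials where a script reached outside the site directory and was blocked. The function name triage and the last two sample log lines are assumptions made up for illustration.

```python
import posixpath
import re
from collections import Counter

# Warning text PHP logs when a path falls outside open_basedir.
DENIED = re.compile(
    r"open_basedir restriction in effect\. File\((?P<file>.*?)\) "
    r"is not within the allowed path\(s\): \((?P<allowed>.*?)\)"
)

def triage(log_lines, docroot):
    """Count open_basedir denials as (kind, file, allowed_paths) tuples.

    kind is 'misconfig' when the denied file is inside the site's own
    docroot (open_basedir itself is wrong, as with the aaa.com typo) and
    'outside' when a script reached beyond the docroot and was blocked.
    """
    root = posixpath.normpath(docroot) + "/"
    counts = Counter()
    for line in log_lines:
        m = DENIED.search(line)
        if m is None:
            continue  # e.g. the "failed to open stream" follow-up line
        # Assumption: the logged path may be unresolved, so collapse ../
        # before comparing (symlinks are not resolved here).
        path = posixpath.normpath(m.group("file"))
        kind = "misconfig" if path.startswith(root) else "outside"
        counts[(kind, path, m.group("allowed"))] += 1
    return counts

# The first two lines are the log entries shown on this page; the last
# two are constructed for illustration.
SAMPLE_LOG = [
    "[09-Jan-2018 10:52:01 UTC] PHP Warning:  Unknown: open_basedir restriction in effect. File(/data/www/test.com/test.php) is not within the allowed path(s): (/data/www/aaa.com:/tmp/) in Unknown on line 0",
    "[09-Jan-2018 10:52:01 UTC] PHP Warning:  Unknown: failed to open stream: Operation not permitted in Unknown on line 0",
    "[09-Jan-2018 11:02:44 UTC] PHP Warning:  file_get_contents(): open_basedir restriction in effect. File(/data/www/test.com/../other.com/config.php) is not within the allowed path(s): (/data/www/test.com:/tmp/) in /data/www/test.com/test.php on line 3",
    "[09-Jan-2018 11:02:51 UTC] PHP Warning:  file_get_contents(): open_basedir restriction in effect. File(/data/www/test.com/../other.com/config.php) is not within the allowed path(s): (/data/www/test.com:/tmp/) in /data/www/test.com/test.php on line 3",
]

if __name__ == "__main__":
    hits = triage(SAMPLE_LOG, "/data/www/test.com")
    for (kind, path, allowed), n in sorted(hits.items()):
        print(f"{n:3d}  {kind:9s}  {path}  allowed={allowed}")
```

A 'misconfig' entry means the pool's open_basedir value needs fixing; repeated 'outside' entries from one script are worth reviewing, since the restriction is what stopped the read.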
