apache和php设置

php

post_max_size
upload_max_filesize

session.cookie_httponly=1

session.name = SID

 baseinfo

 

 

 

session.save_path = ${SESSION_SAVE_PATH}
upload_tmp_dir = ${upload_tmp_dir}
error_log = "${WEBROOT}/logs/php_error.log"
display_errors = Off
display_startup_errors = Off
error_reporting = E_ALL
expose_php = Off

disable_functions = glob, filter_list, chown, chmod, get_current_user, php_uname, putenv, getmyuid, getmypid, dl, ini_alter, ini_restore, exec, passthru, system, popen, pclose, leak, mysql_list_dbs, listen, chgrp, disk_total_space, disk_free_space, rmdir, tmpfile, link, shell_exec, proc_open, chroot, openlog, closelog, syslog, flock, socket_create_listen, socket_accept, socket_listen, sleep, umask, set_include_path, restore_include_path, symlink, imagerotate
session.name =  ${SESSIONNAME}
upload_max_filesize = 80M 
open_basedir =  ${WEBROOT}
cgi.fix_pathinfo=0

 

——————————————————————————

 apache

<FilesMatch ".(htaccess|htpasswd|ini|phps|fla|psd|log|sh|bak|config|asp|aspx|cs|tpl|inc)$"> 
 Require all denied

 Order Allow,Deny

 Deny from all 

</FilesMatch>
 


<VirtualHost *:80>
 ServerName xx.xx.xx.xx
 ServerAlias *
 <Location />
 Order Allow,Deny
 Deny from all
 </Location>
</VirtualHost>

 


AddType application/font-woff woff

AddType application/font-woff2 woff2

AddType application/vnd.ms-fontobject eot

AddType application/image/svg+xml svg

_ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __

 vhost中禁止upload文件夹运行php

<VirtualHost *:80> 
 
 <Directory ${web_path}/www>
 
  Options FollowSymLinks ExecCGI
   AllowOverride all
                 Require all granted
   Require method GET POST OPTIONS
   DirectoryIndex  index.php
   Allow from all
        </Directory>
 
 ErrorDocument 404 /404.html
 

 


 <Directory ${web_path}/www>
 
  Options FollowSymLinks ExecCGI
   AllowOverride all
                 Require all granted
   Require method GET POST OPTIONS
   DirectoryIndex  index.php
   Allow from all  

   </Directory>
 

禁止uploadfiles运行
 <Directory ${web_path}/www/uploadfiles>
  <FilesMatch ".(?i:php|php3|php4|php5|asp|aspx|cs|ini|config|bak|sh|tpl|inc)">
      Order  allow,deny
      Deny  from  all
  </FilesMatch>
 </Directory>

 

 

</VirtualHost>

 

apache 降权

——————————————————————————
mysql降权


secure_file_priv=null

local-infile=0

 

 


禁止降权用户本地登录

豫ICP备12024565号-1   E-mail:admin@hlc8.com