
PHP scripts security?

Posted: 29. September 2008 13:42
by zeusx
Hi All

I am trying to set up web servers with win2003 + xampp; they will be launched to support multiple sites, offering virtual hosting services.

I edited the xampp\apache\conf\extra\httpd-vhosts.conf file:

<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host2.example.com
    DocumentRoot d:\web_server\xampp\htdocs\a.com
    ServerName www.a.com
    ##ErrorLog @rel_logfiledir@/dummy-host2.example.com-error_log
    ##CustomLog @rel_logfiledir@/dummy-host2.example.com-access_log common
</VirtualHost>

Entering www.a.com in the browser loads the site successfully.

However, there is a very serious security issue: PHP scripts uploaded by www.a.com users can visit any directory in any district and can perform any DOS command. On the server they can list all the districts and have all the rights. I would like to ask how to prevent this. With xampp as a server product, is there a need to pay special attention to security settings?

Thanks!

Posted: 29. September 2008 13:47
by Wiedmann
> I am trying to set up web servers with win2003 + xampp; they will be launched to support multiple sites, offering virtual hosting services.

You had better use IIS on Windows for such a project. (Or of course Apache for *nix.)

> However, there is a very serious security issue: PHP scripts uploaded by www.a.com users can visit any directory in any district and can perform any DOS command.

Search for the PHP setting "open_basedir".
(Well, you can find more about PHP and security in the PHP manual.)

> With xampp as a server product, is there a need to pay special attention to security settings?

Don't forget:
XAMPP is designed for local web development (and not for production server).
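
The open_basedir pointer above, as an added example that is not part of the original thread: a small Python audit of httpd-vhosts.conf text that flags virtual hosts whose PHP is not confined to their own DocumentRoot. The b.com vhost and the helper names are constructed for illustration, and the check assumes PHP runs as the Apache module (mod_php), where php_admin_value can be set per vhost.

```python
import re

# Constructed sample: the thread's a.com vhost plus an assumed, hardened b.com vhost.
SAMPLE_CONF = '''
<VirtualHost *:80>
    DocumentRoot "d:/web_server/xampp/htdocs/a.com"
    ServerName www.a.com
</VirtualHost>
<VirtualHost *:80>
    DocumentRoot "d:/web_server/xampp/htdocs/b.com"
    ServerName www.b.com
    # mod_php only; a script cannot override php_admin_value with ini_set()
    php_admin_value open_basedir "d:/web_server/xampp/htdocs/b.com/"
</VirtualHost>
'''

VHOST_RE = re.compile(r'<VirtualHost\b[^>]*>(.*?)</VirtualHost>', re.S | re.I)

def directive(block, name):
    """Argument of the first uncommented directive matching `name` (a regex), or None."""
    m = re.search(r'^[ \t]*' + name + r'[ \t]+"?([^"\r\n]+)"?[ \t]*$', block, re.M | re.I)
    return m.group(1).strip() if m else None

def norm(path):
    """Lower-case, forward slashes, one trailing slash, so Windows paths compare as prefixes."""
    return path.replace('\\', '/').lower().rstrip('/') + '/'

def audit(conf):
    """Return (ServerName, finding) pairs for vhosts whose PHP is not confined."""
    findings = []
    for block in VHOST_RE.findall(conf):
        name = directive(block, 'ServerName') or '(unnamed)'
        root = directive(block, 'DocumentRoot')
        basedir = directive(block, r'php_admin_value[ \t]+open_basedir')
        if basedir is None:
            findings.append((name, 'open_basedir not set'))
            continue
        allowed = [norm(p) for p in basedir.split(';') if p.strip()]  # ';' separates paths on Windows
        if root and not any(norm(root).startswith(a) for a in allowed):
            findings.append((name, 'open_basedir does not cover DocumentRoot'))
        if any(re.fullmatch(r'[a-z]:/', a) for a in allowed):
            findings.append((name, 'open_basedir allows a whole drive'))
    return findings

if __name__ == '__main__':
    for name, finding in audit(SAMPLE_CONF):
        print(f'{name}: {finding}')
```

open_basedir only limits PHP's file functions; blocking command execution takes disable_functions in php.ini, which cannot be set per vhost.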

Posted: 29. September 2008 14:49
by zeusx
To secure a production server, in addition to running security/index.php, what about the php.ini security settings?