开发者

How can I forbid PHP to access other folders?

开发者 https://www.devze.com 2022-12-29 21:34 出处:网络
I am using GoDaddy shared Linux hosting and I hosted multiple domains with the same machine. Last week, one of my WordPress sites was infected with malware. Then this worm code spread to my all domain

I am using GoDaddy shared Linux hosting and I hosted multiple domains with the same machine. Last week, one of my WordPress sites was infected with malware. Then this worm code spread to my all domains instantly.

How can I forbi开发者_开发问答d to access other domains (folders) from a domain (folder)? Perhaps I can put something in my php.ini?


I think your only chance to do that on shared hosting is the open_basedir setting.

In each web root, create a .htaccess file containing the following:

php_admin_value open_basedir /path/to/current/web/site

if this works, every fopen(), include() etc. access outside /path/to/current/web/site should fail with an error message.

It can be that your provider has disabled this possibility - if they have, it'll be silently ignored. It could also be that an open_basedir has already been set centrally for all your sites. That setting could be inherited, rendering any further settings moot. You'll have to try out.


I'd contact the godaddy support and inquire about using htaccess to restrict access.

  • http://www.yorku.ca/computng/students/webpages/central_web/htaccess.html
0

精彩评论

暂无评论...
验证码 换一张
取 消