Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I limit PHP apps to their own directories and their own php.ini?

I am running multiple PHP apps on my Mac, running OS X 10.5.6, Apache 2, PHP 5. I have subdomains setup for each project, a host file entries for each subdomain, and Virtual Directory blocks in the Apache config. So

project1.localhost goes to /Library/WebServer/Documents/Project1
project2.localhost goes to /Library/WebServer/Documents/Project2
etc...

However, this method doesn't really "isolate" the web apps. For example, if I include a script like so:

<?php
include("/includes/include.php");
?>

It references the script from the base directory of my computer. So it accesses
C:/includes/include.php

Is there a way for me to make it reference
C:/Library/WebServer/Documents/Project2/includes/include.php

Basically, make it so that its not aware of anything outside of its own directory. Also, is there a way to use php.ini's on a per subdomain basis as well?

like image 815
John B Avatar asked Mar 12 '09 17:03

John B


People also ask

What is Max_file_uploads?

max_file_uploads is a setting managed through the PHP Options which sets the maximum number of files that can be uploaded at a time. While do not allow direct changes to PHP.

Which of the following PHP INI directives should be disabled to improve the security of you application?

ini using disable_functions directive. This directive allows you to disable certain functions for security reasons.


1 Answers

I believe it's possible to set a php.ini per virtual host

<VirtualHost *:80>
    ...

    PHPINIDir /full/path/to/php/ini/

</VirtualHost>

this way you can customize open_basedir and others

like image 102
J.C. Inacio Avatar answered Oct 01 '22 11:10

J.C. Inacio