Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Where should I place sensitive files so that they are read-able by PHP scripts?

I am on a Parallels/Plesk VPS host, and this is a really newbie question.

The webroot is at:

/var/www/vhosts/my-domain-name/httpdocs

There is also a path called:

/var/www/vhosts/my-domain-name/private/

But PHP scripts can't seem to read files in there.

From my understanding any file placed within the webroot, is in danger of being served to the public if requested by its web-path/filename. I am vaguely aware of the use of .htaccess files to tell Apache not to serve certain files/dirs.

But can (or should) I place my sensitive file somewhere outside of the webroot, while still allowing it to be read by PHP scripts?

Thank you!

Here were my errors when trying to read a file within the "private" folder above:

Warning: file() [function.file]: open_basedir restriction in effect. File(../../private/test.txt) is not within the allowed path(s): (/var/www/vhosts/blah.com/httpdocs:/tmp) in /var/www/vhosts/blah.com/httpdocs/misc/testscript.php on line 8

Warning: file(../../private/test-dt.txt) [function.file]: failed to open stream: Operation not permitted in /var/www/vhosts/blah.com/httpdocs/misc/testscript.php on line 8

UPDATE: SOLVED

Picto at reddit/r/PHPHelp gave me what I needed, and it is specific to Plesk systems. I had to write a file called vhost.conf placed in the conf folder which exists at the same level as httpdocs. And in the vhost.conf, I used:

<Directory /var/www/vhosts/my-domain-name/httpdocs>
php_admin_value open_basedir /var/www/vhosts/my-domain-name/httpdocs:/tmp:/var/www/vhosts/my-domain-name/myfolder
</Directory>

So I now place my sensitive files in "myfolder", which is outside of the webroot (httpdocs). After this, to make these settings take effect, (restarting Apache doesn't work) there are some Plesk specific commands to give, see: http://www.gadberry.com/aaron/2006/02/09/plesk_vhost/

like image 645
Doochz Avatar asked Sep 13 '11 10:09

Doochz


People also ask

Where should I place my PHP file?

If your server supports PHP, then you do not need to do anything. Just create your . php files, put them in your web directory and the server will automatically parse them for you. There is no need to compile anything nor do you need to install any extra tools.

Are PHP files secure?

PHP is as secure as any other major language. PHP is as secure as any major server-side language. With the new PHP frameworks and tools introduced over the last few years, it is now easier than ever to manage top-notch security.

Should PHP files be executable?

Note that the file does not need to be executable or special in any way. The server finds out that this file needs to be interpreted by PHP because you used the ". php" extension, which the server is configured to pass on to PHP.


2 Answers

It's a good practice store sensitive data outside apache document root.

You need to allow PHP to access these folders adding or modifying the Virtual Host configuration.

Look for php_value open_basedir

and add your folders separated by a colon (:)

More info at open_basedir

Note: there is a few security issues with open_basedir, explained in

http://www.hardened-php.net/advisory_012004.42.html

EDIT:

I use this tree structure for each domain:

domain/            www-data permisions
├── etc            r-x
├── log            rwx
├── phpCache       rwx
├── phpFiler       rwx
├── phpInclude     r-x
├── phpLogs        rwx
├── phpSession     rwx
├── phpTmp         rwx
├── phpTrash       rwx
├── privat         --- 
├── www443         r-x
└── www80          r-x

etc: for application configuration files.

log: for Apache or nginx log files

phpCache: for Zend_Cache files

phpFiler: for app's files, a PHP script serves it if the user has privileges.

phpInclude: php_value include_path

phpLogs: for application logs

phpSessions: for store this virtual host data sessions.

phpTmp: for temporal files, like uploaded.

phpTrash: a trash for phpFiler.

privat: for my private pourposes

www443: for https document root

www80: for http document root

In open_basedir clausule I put all folders except log and privat.

like image 187
corretge Avatar answered Sep 18 '22 06:09

corretge


This means, that the so-called safe-mode is in affect, which does not allow any opening of file and directories outside a given directory (e.g. your specific webroot). This is very common on shared hosters and if you do not have access to the php.ini, you are out of luck and cannot access your files in ../private.

To access protected files, add a directory below your usual httpdocs-directory (e.g. private) and add a .htaccess-file inside with the content

order allow
deny deny from all

This will prevent anyone accessing the files without going through your php-script.

On a last note: if your php-file has been right under the httpdocs-directory, your script needs to point to ../private/test-dt.txt and not to ../../private/test-dt.txt.

like image 36
Lars Avatar answered Sep 18 '22 06:09

Lars