[CentOS] General question about PHP

Wed Sep 26 16:04:23 UTC 2007
Wei Yu <zig.wei at gmail.com>

That's great, thank you!

On 9/26/07, Miskell, Craig <Craig.Miskell at agresearch.co.nz> wrote:
> > Hello,
> >
> > Is that possible to disable running of PHP on certain directories?
> > I am running a server which provides personal homepage
> > service. However, not every user are familiar with security,
> > some may upload some PHP scripts with bugs/holes. I do not
> > want them to be executed on the server.
> > I can enable the safe_mode, but I have some other PHP scripts
> > which need safe_mode to be disabled.
> > Any suggestions?
> Yes.  In you httpd.conf, you can include:
> <Directory "/var/www/sheep/html/tmp">
>        php_flag engine off
> </Directory>
> Which disables php processing for the directory /var/www/sheep/html/tmp
> .  You could probably just include
> php_flag engine off
> In an .htaccess in the directory in question, assuming you've set
> AllowOverride to an appropriate value, and don't mind the slight
> performance hit of doing it that way.
> We use the former method to protect areas where users are permitted to
> upload files to (mediawiki in this case), stopping a user uploading
> something malicious which would then execute in the context of the
> webserver
> Craig Miskell
> =======================================================================
> Attention: The information contained in this message and/or attachments
> from AgResearch Limited is intended only for the persons or entities
> to which it is addressed and may contain confidential and/or privileged
> material. Any review, retransmission, dissemination or other use of, or
> taking of any action in reliance upon, this information by persons or
> entities other than the intended recipients is prohibited by AgResearch
> Limited. If you have received this message in error, please notify the
> sender immediately.
> =======================================================================
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

Zijing 15# 1404B Tsinghua Univ.
+86 -10 -51537235
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20070927/dfb6e098/attachment-0004.html>