Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.
The "SecuringPHP" page has been changed by jmcg. http://wiki.apache.org/httpd/SecuringPHP?action=diff&rev1=5&rev2=6 -------------------------------------------------- DocumentRoot /srv/web/domain.tld/htdocs ServerName domain.tld - php_admin_value open_basedir /srv/web/domain.tld/ + php_admin_value open_basedir /srv/web/domain.tld/:/usr/share/pear/ php_admin_value upload_tmp_dir /srv/web/domain.tld/ php_admin_value session.safe_path /srv/web/domain.tld/sessions/ @@ -72, +72 @@ First of all we set our ''htdocs'' as the ''DocumentRoot'', set the ServerName and then we allow PHP to access this domain's basedirectory. - The reason for this is that we need need to access ''tmp'' and ''sessions''. I have experienced that copy/move and other functions related to upload from ''tmp'' to ''htdocs'' will FAIL if you just specify a path in the style of ''/foo/bar:/baz''. + The reason for this is that we need need to access ''tmp'' and ''sessions''. I have experienced that copy/move and other functions related to upload from ''tmp'' to ''htdocs'' will FAIL if you just specify a path in the style of ''/foo/bar:/baz''. But the workaround shown here has two advantages: First of all: It works. And secondly, even more importantly it gives an additional security-margin of a separation-of-concerns on a vhost-base! Also note that ''open_basedir'' has a special feature, that searches for files or directories starting with ''bar'' if you specify a path of ''/foo/bar'' -- with no trailing slash.
