我安装了Apache2.4 + Php5.6 + mod_proxy_fcgi + php-fpm等东西,如Mysql 5.5,Phpmyadmin和munin,没问题。 注意:我也激活了userdir并重写。
现在我想要更安全,但SuExec不起作用,没有发现错误。 如果我把/home/sitetest/public_html/test.php放在:
<?php echo exec('whoami'); ?> 它说:
www-data
我能做什么? search谷歌不帮我。
/var/log/apache2/error.log
[Fri Dec 11 21:32:21.918933 2015] [mpm_prefork:notice] [pid 771] AH00169: caught SIGTERM, shutting down [Fri Dec 11 21:32:28.064683 2015] [suexec:notice] [pid 12374] AH01232: suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec) [Fri Dec 11 21:32:28.126362 2015] [mpm_prefork:notice] [pid 12375] AH00163: Apache/2.4.10 (Debian) configured -- resuming normal operations [Fri Dec 11 21:32:28.128026 2015] [core:notice] [pid 12375] AH00094: Command line: '/usr/sbin/apache2'
/etc/apache2/apache2.conf中
<Directory /> Options FollowSymLinks AllowOverride None Require all denied </Directory> <Directory /usr/share> AllowOverride None Require all granted </Directory> <Directory /home> Options FollowSymLinks AllowOverride All Require all granted </Directory> <Directory /var/cache/munin/www/> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory>
/etc/apache2/sites-enabled/sitetest.net.conf
<VirtualHost *:80> <FilesMatch \.php$> SetHandler "proxy:unix:/var/run/php5-fpm.sock|fcgi://localhost/" </FilesMatch> ServerName www.sitetest.net ServerAlias sitetest.net ServerAdmin [email protected] DocumentRoot /home/sitetest/public_html ErrorLog /home/sitetest/logs/error.log CustomLog /home/sitetest/logs/access.log combined SuexecUserGroup sitetest sitetest </VirtualHost>
的/ etc / apache2的/ suexec的/ www数据
/home public_html
/etc/apache2/mods-enabled/userdir.conf
<IfModule mod_userdir.c> UserDir public_html UserDir disabled root <Directory /home/*/public_html> AllowOverride FileInfo AuthConfig Limit Indexes Options ExecCGI SymLinksIfOwnerMatch <Limit GET POST OPTIONS> Require all granted </Limit> <LimitExcept GET POST OPTIONS> Require all denied </LimitExcept> </Directory> </IfModule>