[L] lt; VirtualHost gt; ๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒ แต่ มันกินไปทั้วเว็บจะทำไงดี lt;VirtualHost *:80 gt; ServerName sam com DocumentRoot C: AppServ www php value enable functions phpinfo จะหาวิธี ประมาณเนี้ยก็ไม่มี lt; VirtualHost gt; lt;VirtualHost *:80 gt; ServerName * sam com DocumentRoot C: AppServ www RewriteEngine on RewriteCond % HTTP HOST !^ www|ftp|mail sam com RewriteCond % HTTP HOST ^ * sam com RewriteRule * users %1 disable_functions phpinfo not disable main but disable sub folde [L] lt; VirtualHost gt; หรือ lt;VirtualHost *:80 gt; ServerName sam com DocumentRoot C: AppServ www lt; VirtualHost gt; lt;VirtualHost *:80 gt; ServerName * sam com DocumentRoot C: AppServ www RewriteEngine on RewriteCond % HTTP HOST !^ www|ftp|mail sam com RewriteCond % HTTP HOST ^ * sam com RewriteRule * users %1 disable_functions phpinfo not disable main but disable sub folde [L] php admin value disable functions phpinfo วิธีนี้ไม่มีไรเกิดขึ้นเลย lt; VirtualHost gt; ก็ไม่ได้ซักที เห็นเว็บ http: www apachelounge com viewtopic php p=52 Here is an example part of one of my vhost entry files: Code: lt;VirtualHost * gt; ServerName www domain com ServerAlias domain com www domain2 com www domain3 com DocumentRoot x: www dir1 dir2 php admin value disable functions shell exec,passthru,proc close,proc get status,proc open,proc terminate,system php admin value max execution time 120 php admin value memory limit 16M php admin value session use only cookies 0 php admin value magic quotes gpc Off php admin value session auto start 1 php admin value session cookie lifetime 0 php admin value session cache expire 320 lt; VirtualHost gt; lt;VirtualHost * gt; ServerName sub domain com DocumentRoot x: www sub domain php admin value disable functions shell exec,exec,virtual,passthru,proc close,proc get status,proc open,proc terminate,system php admin value max execution time 30 php admin value memory limit 8M php admin value post max size 2M php admin value upload tmp dir x: www sub domain tmp lt; VirtualHost gt; lt;VirtualHost * gt; ServerName sub2 domain com DocumentRoot x: www sub2 domain dir php admin value disable functions shell exec,exec,virtual,passthru,proc close,proc get status,proc open,proc terminate,system php admin value max execution time 60 php admin value memory limit 2M php admin value post max size 1M lt; VirtualHost gt; lt;VirtualHost * gt; ServerName www domain4 com ServerAlias domain4 com * domain4 com domain4 domain com DocumentRoot x: www domain4 php admin value disable functions shell exec,exec,virtual,passthru,proc close,proc get status,proc open,proc terminate,system php admin value open basedir x: www domain4 php admin value upload tmp dir x: www domain4 tmp php admin value session use only cookies 1 lt; VirtualHost gt; In my httpd conf file I have the follwing: Code: ###### get vhosts ###### NameVirtualHost * Include conf domain list 1 conf Include conf domain list 2 conf Include conf domain list 3 conf Include conf domain list 4 conf ###################### This bit includes the domain info so that I don t have a massive 4000 line httpd conf file = = = = = = = = = = = = = = = = = = = = For you though, it does NOT matter where the ROOT directory for the server is, when you set up your vhosts So, try something like this: Code: NameVirtualHost * lt;VirtualHost * gt; ServerName www domain1 com ServerAlias domain1 com * domain1 com DocumentRoot x: www domain1 lt; VirtualHost gt; lt;VirtualHost * gt; ServerName www domain2 com ServerAlias domain2 com *domain2 com DocumentRoot x: www domain2 lt; VirtualHost gt;"> [L] lt; VirtualHost gt; ๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒ แต่ มันกินไปทั้วเว็บจะทำไงดี lt;VirtualHost *:80 gt; ServerName sam com DocumentRoot C: AppServ www php value enable functions phpinfo จะหาวิธี ประมาณเนี้ยก็ไม่มี lt; VirtualHost gt; lt;VirtualHost *:80 gt; ServerName * sam com DocumentRoot C: AppServ www RewriteEngine on RewriteCond % HTTP HOST !^ www|ftp|mail sam com RewriteCond % HTTP HOST ^ * sam com RewriteRule * users %1 disable_functions phpinfo not disable main but disable sub folde [L] lt; VirtualHost gt; หรือ lt;VirtualHost *:80 gt; ServerName sam com DocumentRoot C: AppServ www lt; VirtualHost gt; lt;VirtualHost *:80 gt; ServerName * sam com DocumentRoot C: AppServ www RewriteEngine on RewriteCond % HTTP HOST !^ www|ftp|mail sam com RewriteCond % HTTP HOST ^ * sam com RewriteRule * users %1 disable_functions phpinfo not disable main but disable sub folde [L] php admin value disable functions phpinfo วิธีนี้ไม่มีไรเกิดขึ้นเลย lt; VirtualHost gt; ก็ไม่ได้ซักที เห็นเว็บ http: www apachelounge com viewtopic php p=52 Here is an example part of one of my vhost entry files: Code: lt;VirtualHost * gt; ServerName www domain com ServerAlias domain com www domain2 com www domain3 com DocumentRoot x: www dir1 dir2 php admin value disable functions shell exec,passthru,proc close,proc get status,proc open,proc terminate,system php admin value max execution time 120 php admin value memory limit 16M php admin value session use only cookies 0 php admin value magic quotes gpc Off php admin value session auto start 1 php admin value session cookie lifetime 0 php admin value session cache expire 320 lt; VirtualHost gt; lt;VirtualHost * gt; ServerName sub domain com DocumentRoot x: www sub domain php admin value disable functions shell exec,exec,virtual,passthru,proc close,proc get status,proc open,proc terminate,system php admin value max execution time 30 php admin value memory limit 8M php admin value post max size 2M php admin value upload tmp dir x: www sub domain tmp lt; VirtualHost gt; lt;VirtualHost * gt; ServerName sub2 domain com DocumentRoot x: www sub2 domain dir php admin value disable functions shell exec,exec,virtual,passthru,proc close,proc get status,proc open,proc terminate,system php admin value max execution time 60 php admin value memory limit 2M php admin value post max size 1M lt; VirtualHost gt; lt;VirtualHost * gt; ServerName www domain4 com ServerAlias domain4 com * domain4 com domain4 domain com DocumentRoot x: www domain4 php admin value disable functions shell exec,exec,virtual,passthru,proc close,proc get status,proc open,proc terminate,system php admin value open basedir x: www domain4 php admin value upload tmp dir x: www domain4 tmp php admin value session use only cookies 1 lt; VirtualHost gt; In my httpd conf file I have the follwing: Code: ###### get vhosts ###### NameVirtualHost * Include conf domain list 1 conf Include conf domain list 2 conf Include conf domain list 3 conf Include conf domain list 4 conf ###################### This bit includes the domain info so that I don t have a massive 4000 line httpd conf file = = = = = = = = = = = = = = = = = = = = For you though, it does NOT matter where the ROOT directory for the server is, when you set up your vhosts So, try something like this: Code: NameVirtualHost * lt;VirtualHost * gt; ServerName www domain1 com ServerAlias domain1 com * domain1 com DocumentRoot x: www domain1 lt; VirtualHost gt; lt;VirtualHost * gt; ServerName www domain2 com ServerAlias domain2 com *domain2 com DocumentRoot x: www domain2 lt; VirtualHost gt;"> [L]

</VirtualHost>

๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒
แต่ มันกินไปทั้วเว็บจะทำไงดี

<VirtualHost *:80>
ServerName sam.com
DocumentRoot "C:/AppServ/www"

php_value enable_functions phpinfo  //จะหาวิธี ประมาณเนี้ยก็ไม่มี

</VirtualHost>

<VirtualHost *:80>
ServerName *.sam.com
DocumentRoot "C:/AppServ/www"
RewriteEngine on
RewriteCond %{HTTP_HOST} !^(www|ftp|mail).sam.com
RewriteCond %{HTTP_HOST} ^(.*).sam.com
RewriteRule (.*) /users/%1/ disable_functions phpinfo not disable main but disable sub folde [L]
</VirtualHost>

หรือ

<VirtualHost *:80>
ServerName sam.com
DocumentRoot "C:/AppServ/www"


</VirtualHost>

<VirtualHost *:80>
ServerName *.sam.com
DocumentRoot "C:/AppServ/www"
RewriteEngine on
RewriteCond %{HTTP_HOST} !^(www|ftp|mail).sam.com
RewriteCond %{HTTP_HOST} ^(.*).sam.com
RewriteRule (.*) /users/%1/ disable_functions phpinfo not disable main but disable sub folde [L]

php_admin_value disable_functions  phpinfo     //วิธีนี้ไม่มีไรเกิดขึ้นเลย

</VirtualHost>

ก็ไม่ได้ซักที


เห็นเว็บ http://www.apachelounge.com/viewtopic.php?p=52

Here is an example part of one of my vhost entry files:

Code:

<VirtualHost *>
    ServerName www.domain.com
    ServerAlias domain.com www.domain2.com www.domain3.com
    DocumentRoot  x:/www/dir1/dir2/
    php_admin_value disable_functions "shell_exec,passthru,proc_close,proc_get_status,proc_open,proc_terminate,system"
    php_admin_value max_execution_time "120"
    php_admin_value memory_limit "16M"
    php_admin_value session.use_only_cookies "0"
    php_admin_value magic_quotes_gpc "Off"
    php_admin_value session.auto_start "1"
    php_admin_value session.cookie_lifetime "0"
    php_admin_value session.cache_expire "320"
</VirtualHost>

<VirtualHost *>
    ServerName sub.domain.com
    DocumentRoot  x:/www/sub_domain/
    php_admin_value disable_functions "shell_exec,exec,virtual,passthru,proc_close,proc_get_status,proc_open,proc_terminate,system"
    php_admin_value max_execution_time "30"
    php_admin_value memory_limit "8M"
    php_admin_value post_max_size "2M"
    php_admin_value upload_tmp_dir "x:/www/sub_domain/tmp/"
</VirtualHost>

<VirtualHost *>
    ServerName sub2.domain.com
    DocumentRoot  x:/www/sub2_domain/dir/
    php_admin_value disable_functions "shell_exec,exec,virtual,passthru,proc_close,proc_get_status,proc_open,proc_terminate,system"
    php_admin_value max_execution_time "60"
    php_admin_value memory_limit "2M"
    php_admin_value post_max_size "1M"
</VirtualHost>

<VirtualHost *>
    ServerName www.domain4.com
    ServerAlias domain4.com *.domain4.com domain4.domain.com
    DocumentRoot  x:/www/domain4/
    php_admin_value disable_functions "shell_exec,exec,virtual,passthru,proc_close,proc_get_status,proc_open,proc_terminate,system"
    php_admin_value open_basedir "x:/www/domain4/"
    php_admin_value upload_tmp_dir "x:/www/domain4/tmp/"
    php_admin_value session.use_only_cookies "1"
</VirtualHost>


In my httpd.conf file I have the follwing:
Code:
###### get vhosts ######
NameVirtualHost *
Include conf/domain_list_1.conf
Include conf/domain_list_2.conf
Include conf/domain_list_3.conf
Include conf/domain_list_4.conf
######################
This bit "includes" the domain info so that I don't have a massive 4000 line httpd.conf file.

= = = = = = = = = = = = = = = = = = = =
For you though, it does NOT matter where the ROOT directory for the server is, when you set up your vhosts. So, try something like this:
Code:
NameVirtualHost *
<VirtualHost *>
    ServerName www.domain1.com
    ServerAlias domain1.com *.domain1.com
    DocumentRoot  x:/www/domain1/
</VirtualHost>

<VirtualHost *>
    ServerName www.domain2.com
    ServerAlias domain2.com *domain2.com
    DocumentRoot  x:/www/domain2/
</VirtualHost>

","answerCount":2,"upvoteCount":4209,"dateCreated":"2008-12-07T05:19:58","author":{"@type":"Person","name":"Yuranun Ph","url":"https://www.goragod.com/index.php"},"url":"https://www.goragod.com/forum.html?wbid=982","suggestedAnswer":[{"@type":"Answer","text":"ไม่เคยใช้เลย ตอบไม่ถูก","dateCreated":"2008-12-08T17:08:55","author":{"@type":"Person","name":"กรกฎ วิริยะ","url":"https://www.goragod.com/index.php"},"upvoteCount":0,"url":"https://www.goragod.com/forum.html?wbid=982#R_771"},{"@type":"Answer","text":"ใครเคยใช้บ้าง รายงานตัวด่วน","dateCreated":"2008-12-11T02:34:24","author":{"@type":"Person","name":"Yuranun Ph","url":"https://www.goragod.com/index.php"},"upvoteCount":0,"url":"https://www.goragod.com/forum.html?wbid=982#R_772"}]}}]

GORAGOD.com

freelance, web developer, web designer, hosting, domain name

disable_functions phpinfo not disable main but disable sub folde

Yuranun Ph

ปกติแล้วถ้าจะใช้ disable_functions ต้องทำ disable_functions  phpinfo
(ใช้ทดสอบจาก phpinfo ดูง่ายดี)
อยากให้ตัดหลักทำงานได้ตามปกติแต่จะแบ่งให้ user ให้ พื้นที่เราทำโฮส(ให้นักศึกษาให้ฟรี)แต่กลับจะดีนักศึกษาเห็นช่องโหว่เรา ก็เลยจะปิดซะแต่ดันปิดไม่ถูกถ้าปิดของเราก็ไปปิดของทั้งหมด เราก็แย่ด้วยเพราะต้องให้ functions หลายตัวทำงาน


ตัวที่ทดสอบก็ตัว phpinfo.php


+หลัก
index.php
register.php
...
//อันหลักๆข้างนอกพวกนี้ต้อง exec ได้


   +users   //พื้นที่ให้ user ข้างในนี้ห้ามให้สิทธิ โดย disable_functions "shell_exec,exec,virtual,passthru,proc_close,proc_get_status,proc_open,proc_terminate,system"
      +user a
      +user b
      +...

ช่วยคิดกันหน่อยนะครับ  ผมปวดหัวแย่ละ

รูปแบบปกติ คือปิดทั้งเว็บ
C:\WINDOWS\php.ini
disable_functions =phpinfo


C:\AppServ\Apache2.2\conf\extra\httpd-vhosts.conf
<VirtualHost *:80>
ServerName sam.com
DocumentRoot "C:/AppServ/www"
RewriteEngine on
RewriteCond %{HTTP_HOST} !^(www|ftp|mail).sam.com
RewriteCond %{HTTP_HOST} ^(.*).sam.com
RewriteRule (.*) /users/%1/ [L]

</VirtualHost>

๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒๒
แต่ มันกินไปทั้วเว็บจะทำไงดี

<VirtualHost *:80>
ServerName sam.com
DocumentRoot "C:/AppServ/www"

php_value enable_functions phpinfo  //จะหาวิธี ประมาณเนี้ยก็ไม่มี

</VirtualHost>

<VirtualHost *:80>
ServerName *.sam.com
DocumentRoot "C:/AppServ/www"
RewriteEngine on
RewriteCond %{HTTP_HOST} !^(www|ftp|mail).sam.com
RewriteCond %{HTTP_HOST} ^(.*).sam.com
RewriteRule (.*) /users/%1/ [L]
</VirtualHost>

หรือ

<VirtualHost *:80>
ServerName sam.com
DocumentRoot "C:/AppServ/www"


</VirtualHost>

<VirtualHost *:80>
ServerName *.sam.com
DocumentRoot "C:/AppServ/www"
RewriteEngine on
RewriteCond %{HTTP_HOST} !^(www|ftp|mail).sam.com
RewriteCond %{HTTP_HOST} ^(.*).sam.com
RewriteRule (.*) /users/%1/ [L]

php_admin_value disable_functions  phpinfo     //วิธีนี้ไม่มีไรเกิดขึ้นเลย

</VirtualHost>

ก็ไม่ได้ซักที


เห็นเว็บ http://www.apachelounge.com/viewtopic.php?p=52

Here is an example part of one of my vhost entry files:

Code:

<VirtualHost *>
    ServerName www.domain.com
    ServerAlias domain.com www.domain2.com www.domain3.com
    DocumentRoot  x:/www/dir1/dir2/
    php_admin_value disable_functions "shell_exec,passthru,proc_close,proc_get_status,proc_open,proc_terminate,system"
    php_admin_value max_execution_time "120"
    php_admin_value memory_limit "16M"
    php_admin_value session.use_only_cookies "0"
    php_admin_value magic_quotes_gpc "Off"
    php_admin_value session.auto_start "1"
    php_admin_value session.cookie_lifetime "0"
    php_admin_value session.cache_expire "320"
</VirtualHost>

<VirtualHost *>
    ServerName sub.domain.com
    DocumentRoot  x:/www/sub_domain/
    php_admin_value disable_functions "shell_exec,exec,virtual,passthru,proc_close,proc_get_status,proc_open,proc_terminate,system"
    php_admin_value max_execution_time "30"
    php_admin_value memory_limit "8M"
    php_admin_value post_max_size "2M"
    php_admin_value upload_tmp_dir "x:/www/sub_domain/tmp/"
</VirtualHost>

<VirtualHost *>
    ServerName sub2.domain.com
    DocumentRoot  x:/www/sub2_domain/dir/
    php_admin_value disable_functions "shell_exec,exec,virtual,passthru,proc_close,proc_get_status,proc_open,proc_terminate,system"
    php_admin_value max_execution_time "60"
    php_admin_value memory_limit "2M"
    php_admin_value post_max_size "1M"
</VirtualHost>

<VirtualHost *>
    ServerName www.domain4.com
    ServerAlias domain4.com *.domain4.com domain4.domain.com
    DocumentRoot  x:/www/domain4/
    php_admin_value disable_functions "shell_exec,exec,virtual,passthru,proc_close,proc_get_status,proc_open,proc_terminate,system"
    php_admin_value open_basedir "x:/www/domain4/"
    php_admin_value upload_tmp_dir "x:/www/domain4/tmp/"
    php_admin_value session.use_only_cookies "1"
</VirtualHost>


In my httpd.conf file I have the follwing:
Code:
###### get vhosts ######
NameVirtualHost *
Include conf/domain_list_1.conf
Include conf/domain_list_2.conf
Include conf/domain_list_3.conf
Include conf/domain_list_4.conf
######################
This bit "includes" the domain info so that I don't have a massive 4000 line httpd.conf file.

= = = = = = = = = = = = = = = = = = = =
For you though, it does NOT matter where the ROOT directory for the server is, when you set up your vhosts. So, try something like this:
Code:
NameVirtualHost *
<VirtualHost *>
    ServerName www.domain1.com
    ServerAlias domain1.com *.domain1.com
    DocumentRoot  x:/www/domain1/
</VirtualHost>

<VirtualHost *>
    ServerName www.domain2.com
    ServerAlias domain2.com *domain2.com
    DocumentRoot  x:/www/domain2/
</VirtualHost>

07 ธ.ค. 2551 2 4,209
กรกฎ วิริยะ

ไม่เคยใช้เลย ตอบไม่ถูก
#1
Yuranun Ph

ใครเคยใช้บ้าง รายงานตัวด่วน

#2
ความคิดเห็น
ไฟล์อัปโหลด ชนิด jpg, jpeg ขนาดไฟล์ไม่เกิน 2M
^