通过PHP配置apache别名
[英]Configure apache alias via PHP
问题描述
I wanted to setup a server wherein my clients can edit Apache aliases via PHP script so they don't need to have the root account. 
我想设置一个服务器,让我的客户可以通过PHP脚本编辑Apache别名,因此他们不需要root帐户。 All they need to do is edit the aliases via browser. 他们所需要做的就是通过浏览器编辑别名。
How can I accomplish such task with PHP? 如何使用PHP完成此类任务?
1 个解决方案
解决方案1
1 已采纳 2013-05-17 20:13:46
In order to avoid a security nightmare, you need to have a strict wall of separation between user input and your backend processing. 为了避免发生安全梦night,您需要在用户输入和后端处理之间建立严格的隔离。 This is important when inserting data into a database; 将数据插入数据库时,这一点很重要。 it is even more important when editing important files such as Apache configs. 在编辑重要文件(例如Apache配置)时,它甚至更为重要。
If you absolutely must do this, the best way is to create two separate processes: the first is the customer-facing side. 如果您绝对必须这样做,则最好的方法是创建两个单独的过程:第一个是面向客户的方面。 This will require: 这将需要:
- A script to read and parse the vhost data 读取和解析虚拟主机数据的脚本
- A form to display the data in distinct fields (not just a big text area with the entire vhost contents) 用于在不同字段中显示数据的表单(不仅仅是带有整个vhost内容的大文本区域)
- A form handler which will strictly validate each piece of input data 表单处理程序将严格验证每条输入数据
- A database to hold the inputs 一个保存输入的数据库
On the back end, you will create a process (perhaps running via cron) which will read the data from the database and re-create the vhost. 在后端,您将创建一个进程(也许通过cron运行),该进程将从数据库中读取数据并重新创建虚拟主机。 This process should be inaccessible to the user. 用户应该无法访问此过程。
Validation will be the most important part of this entire process. 验证将是整个过程中最重要的部分。 If you allow your users to insert unfiltered or poorly filtered data into your Apache configs, expect bad things to happen. 如果您允许用户将未过滤或过滤不良的数据插入到Apache配置中,那么可能会发生不好的事情。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.