[英]require_once(../../path/to/script.php) failed to open stream permission denied
See an example here: http://mattpotts.com/portal/ 在此处查看示例: http : //mattpotts.com/portal/
I put an includeme.htm
in each directory on the required path to find the point of failure. 我将includeme.htm
放在所需路径上的每个目录中,以查找故障点。 It works fine on my local machine (windows) with the same directory structure but fails on my remote (linux) server. 在具有相同目录结构的本地计算机(windows)上,它可以正常工作,但在远程(linux)服务器上,它无法运行。
Directory structure: 目录结构:
+-firefli/ drwx--x--x
+-private_html/ drwx------
+-foo/ drwxr-xr-x
+-bar/ drwxr-xr-x
+-portal/ drwxr-wr-w
+-public_html/ drwxr-wr-w
+-foo/ drwxr-wr-w
+-portal/ drwxr-wr-w
The permissions confirm that it's the private_html
directory causing the trouble. 权限确认这是造成问题的private_html
目录。 Hopefully you can see the purpose of the directory structure, I don't know if it's a common way of doing things but it works for me. 希望您能看到目录结构的用途,我不知道这是否是一种常见的处理方式,但对我有用。 Well, until now. 好吧,直到现在。
I've gone a very long way around asking it but my question is simply this: is there anything wrong with setting private_html
to be drwxr-xr-x
? 我已经问了很长一段路,但是我的问题很简单:将private_html
设置为drwxr-xr-x
是否有问题? Given that I do not want it to be accessible via the web. 鉴于我不希望通过网络访问它。 But the permissions shouldn't do that should they? 但是权限不应该那样做吗? Because it's apache making the public_html
directory accessible via http. 因为它是Apache,因此可以通过http访问public_html
目录。
You shouldn't need to block out web users with folder/file permissions on private_html, as it's outside the web root. 您不需要阻止对private_html拥有文件夹/文件权限的Web用户,因为它不在Web根目录下。 As you say, web users can only get to stuff in public_html 如您所说,网络用户只能访问public_html
For future debugging speed, if you have a relative web path you can convert it to a real path using realpath: 为了将来的调试速度,如果您有相对的Web路径,则可以使用realpath将其转换为真实路径:
$path = realpath('../../private_html');
// $path is now /public_html/foo/private.html or whatever
Well, if you have set up your DocumentRoot
correctly to point to public_html
, it won't be accessible from the web, no matter what permissions you put on it. 好吧,如果您已正确设置DocumentRoot
指向public_html
,则无论您设置了什么权限,都无法从网络上访问它。
The Private HTMl is not accessible from the web without you putting in a .htaccess file that would redirect it. 如果没有放置将其重定向的.htaccess文件,则无法从网上访问Private HTMl。 If you don't know what that means/how to do that, you are safe. 如果您不知道那是什么意思/如何做,那将是安全的。
You should be fine setting these permissions to whatever your script needs. 您可以将这些权限设置为脚本所需的任何权限。
what are the user:group
for private_html
? private_html
的user:group
是什么? The web server needs to be either a member of the group or the owner of the file. Web服务器必须是该组的成员或该文件的所有者。 In order to read the directory contents the dirctory needs to have the execute
permission for the webserver to open it. 为了读取目录内容,该目录需要具有Web服务器打开目录的execute
权限。 Essentially they should have the same user:group
as public_html
. 本质上,它们应该与public_html
具有相同的user:group
。 You just want to disallow the write
permission. 您只想禁止write
许可。 tot he webserver. 他的网络服务器。 If you have set your document root to public_html
private_html
is not accessible via the web no matter what the permissions. 如果您已将文档根目录设置为public_html
则无论权限如何,都无法通过Web访问private_html
。 Also, i always use realpath
on the path arguments to and file operation. 另外,我总是在和文件操作的路径参数上使用realpath
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.