I've installed some time ago Apache and php as a fastcgi module
root@company# apt-get install apache2 apache2-suexec libapache2-mod-fcgid php5-cgi
root@company# dpkg-query -l '*apache2*'
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
+++-==============================-==============================-============================================================================
ii apache2 2.2.20-1ubuntu1.2 Apache HTTP Server metapackage
ii apache2-mpm-worker 2.2.20-1ubuntu1.2 Apache HTTP Server - high speed threaded model
ii apache2-suexec 2.2.20-1ubuntu1.2 Standard suexec program for Apache 2 mod_suexec
ii apache2-utils 2.2.20-1ubuntu1.2 utility programs for webservers
ii apache2.2-bin 2.2.20-1ubuntu1.2 Apache HTTP Server common binary files
ii apache2.2-common 2.2.20-1ubuntu1.2 Apache HTTP Server common files
ii libapache2-mod-fcgid 1:2.3.6-1+squeeze1build0.11.10 an alternative module compat with mod_fastcgi
root@company# dpkg-query -l '*php*'
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
+++-=================================-=================================-==================================================================================
un php-pear <none> (no description available)
ii php5-cgi 5.3.6-13ubuntu3.7 server-side, HTML-embedded scripting language (CGI binary)
ii php5-common 5.3.6-13ubuntu3.7 Common files for packages built from the php5 source
un php5-json <none> (no description available)
un php5-mhash <none> (no description available)
un php5-suhosin <none> (no description available)
un phpapi-20090626 <none> (no description available)
root@company# dpkg-query -l '*fcgi*'
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
+++-=================================-=================================-==================================================================================
ii libapache2-mod-fcgid 1:2.3.6-1+squeeze1build0.11.10.1 an alternative module compat with mod_fastcgi
Now, I'm aware that I can't use this command in my virtual hosts:
php_admin_value open_basedir "/var/www/users/test"
A typical virtual host file in my case:
<VirtualHost *:80>
ServerName test
ServerAlias test
ServerAdmin webmaster@test.com
DocumentRoot /var/www/users/test/public_html/
<IfModule mod_fcgid.c>
SuexecUserGroup test test
<Directory /var/www/users/test/public_html/>
Options +ExecCGI
Options -Indexes
AllowOverride None
AddHandler fcgid-script .php
FCGIWrapper /var/www/system/test/php-fcgi-starter .php
Order allow,deny
Allow from all
</Directory>
</IfModule>
# ErrorLog /var/log/apache2/error.log
# CustomLog /var/log/apache2/access.log combined
ServerSignature Off
</VirtualHost>
1) Any ideas as how to enable open_basedir
and also allow my users to change php.ini
which I define in their home (eg /var/www/users/test
). A user should not alter my value even if he tries to edit php.ini
.
Is this possible? or, I should just forget user access to php.ini
for all my users and change once-for-all his php.ini
?(I can do that by simply relocating it-there is a fcgid wrapper script in such a setup as you know)
2) I would appreciate it if anyone could also give me some Apache2 directives that redirect all requests from:
http://www.test.com/a/new/post
to this one internally:
http://www.test.com/index.php?a/new/post
The following does not work-should give some parameters:
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
(No I don't want to allow .htaccess files for reasons of speed)
Thanks!
Comment on Question (2): I noticed that this directive inside the <Directory>
section achieves what I need:
RewriteEngine On
RewriteBase /
RewriteRule ^(.*)$ index.php?$1 [NC,L,QSA]
but behaves strangely with presenting the php image at (is not shown)
<?php
phpinfo();
?>
the link of this image at the echoed file is
<img border="0" src="/info.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42" alt="PHP Logo" />
any ideas?
Related with question (2): it seems these directives really make the magic (see comments inside and after)
<VirtualHost *:80>
ServerName test
ServerAlias test
ServerAdmin webmaster@test.com
DocumentRoot /var/www/users/test/public_html/
#the next line should be removed in production
RewriteLog /var/www/users/test/public_html/rewrite.log
RewriteLogLevel 9
<IfModule mod_fcgid.c>
SuexecUserGroup test test
<Directory /var/www/users/test/public_html/>
Options +ExecCGI
Options -Indexes
AllowOverride None
AddHandler fcgid-script .php
FCGIWrapper /var/www/system/test/php-fcgi-starter .php
Order allow,deny
Allow from all
RewriteEngine On
#next line introduces some behavior, see comment (1)
#RewriteBase /
#redirect non-existent files or, redirect existent
#files with the execute bit set, see comment (2)
RewriteCond %{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_FILENAME} -x
#under the above dir ("/var/www/users/test/public_html/")
#there is a "php/tests/testApache.php" that catches all requests
#for non-existent files or for executables,
#L=last, NC=case-insensitive, NE=no hexcode escaping of the request uri
#QSA=append query string from the original request uri to the resulted string
RewriteRule ^/?(.*)$ php/tests/testApache.php?$1 [NC,NE,L,QSA]
</Directory>
</IfModule>
#the next 2 lines should be removed in production
ErrorLog /var/www/users/test/public_html/error.log
CustomLog /var/www/users/test/public_html/access.log combined
ServerSignature Off
</VirtualHost>
comment (1): by investigating our "rewrite.log" file we see these differences after deleting time, sid, rid fields
root@localhost# diff 1.txt 2.txt
8,10c8
< 127.0.0.1 - - [22/Mar/2013: +0200] [test/sid#][rid#/initial] (2) [perdir /var/www/users/test/public_html/] trying to replace prefix
/var/www/users/test/public_html/ with /
< 127.0.0.1 - - [22/Mar/2013: +0200] [test/sid#][rid#/initial] (5) strip matching prefix: /var/www/users/test/public_html/php/tests/te
stApache.php -> php/tests/testApache.php
< 127.0.0.1 - - [22/Mar/2013: +0200] [test/sid#][rid#/initial] (4) add subst prefix: php/tests/testApache.php -> /php/tests/testApache
.php
---
> 127.0.0.1 - - [22/Mar/2013: +0200] [test/sid#][rid#/initial] (2) [perdir /var/www/users/test/public_html/] strip document_root prefi
x: /var/www/users/test/public_html/php/tests/testApache.php -> /php/tests/testApache.php
the left part (1.txt) comes with RewriteBase /
in virtual hosts.
comment (2): by redirecting non-existent files all our images, .css, .js, .htm* files work as expected as long as the resource's path is given compared with the document root (in these virtual hosts is "/var/www/users/test/public_html/"). So, a test image is written:
echo '<img src="/wallpaper-10.jpg" alt="Christmas">';
and it is located at "/var/www/users/test/public_html/wallpaper-10.jpg".
Still waiting some responses on question (1) ...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.