Configure apache alias via PHP
Question
I wanted to setup a server wherein my clients can edit Apache aliases via PHP script so they don't need to have the root account. All they need to do is edit the aliases via browser.
How can I accomplish such task with PHP?
1 answers
solution1
1 ACCPTED 2013-05-17 20:13:46
In order to avoid a security nightmare, you need to have a strict wall of separation between user input and your backend processing. This is important when inserting data into a database; it is even more important when editing important files such as Apache configs.
If you absolutely must do this, the best way is to create two separate processes: the first is the customer-facing side. This will require:
- A script to read and parse the vhost data
- A form to display the data in distinct fields (not just a big text area with the entire vhost contents)
- A form handler which will strictly validate each piece of input data
- A database to hold the inputs
On the back end, you will create a process (perhaps running via cron) which will read the data from the database and re-create the vhost. This process should be inaccessible to the user.
Validation will be the most important part of this entire process. If you allow your users to insert unfiltered or poorly filtered data into your Apache configs, expect bad things to happen.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.