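1. Enable safe mode, which can disable functions such as exec() and system(). Note that safe_mode was deprecated in PHP 5.3.0 and removed in PHP 5.4.0; on those versions, use the disable_functions directive in php.ini instead.
    2. In httpd.conf, use php_admin_value open_basedir to restrict the directories PHP can access.
    3. In php_admin_value open_basedir, do not forget to include the PHP temporary upload directory and the session save directory specified in php.ini; otherwise file uploads and session access will fail. Configure php.ini as follows: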
      upload_tmp_dir = "D:/PHP/temp/" 
      session.save_path = "D:/PHP/temp/"
      
    4. Apache 2.0 configuration example:
      <VirtualHost *:80>  
      ServerName www.xxsite.com  
      DocumentRoot "E:/web/xxsite" 
      Options FollowSymLinks IncludesNOEXEC Indexes  
      DirectoryIndex index.html index.php  
      AllowOverride None  
      Order Deny,Allow  
      Allow from all  
      php_admin_value open_basedir "E:/web/xxsite/;D:/PHP/temp/" 
      # safe_mode is a boolean setting, so it is set with php_admin_flag
      php_admin_flag safe_mode On
      </VirtualHost>
      
    5. Apache 2.2 configuration example:
      <VirtualHost *:80>  
      ServerName www.xxsite.com  
      DocumentRoot "E:/web/xxsite" 
      </VirtualHost>  
      <Directory "E:/web/xxsite">  
      Options FollowSymLinks IncludesNOEXEC Indexes  
      DirectoryIndex index.html index.php  
      AllowOverride None  
      Order Deny,Allow  
      Allow from all  
      php_admin_value open_basedir "E:/web/xxsite/;D:/PHP/temp/" 
      # safe_mode is a boolean setting, so it is set with php_admin_flag
      php_admin_flag safe_mode On
      </Directory>
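
The failure described in item 3 (a php.ini temp or session directory left out of open_basedir) can be caught before deployment. The following check is an added example, not part of the original page: the function names and the sample strings are constructed for illustration, each open_basedir entry is treated as a directory (as written above, with a trailing slash), and only the first open_basedir line in the given text is examined.

```python
import re

# Constructed sample input modelled on the settings above (not read from a live server).
PHP_INI = '''
upload_tmp_dir = "D:/PHP/temp/"
session.save_path = "D:/PHP/temp/"
'''
HTTPD_GOOD = 'php_admin_value open_basedir "E:/web/xxsite/;D:/PHP/temp/"'
HTTPD_BAD = 'php_admin_value open_basedir "E:/web/xxsite/"'  # temp directory forgotten

def norm(path):
    """Normalise a Windows path: forward slashes, lower case, exactly one trailing slash."""
    return path.strip().strip('"').replace("\\", "/").lower().rstrip("/") + "/"

def ini_paths(ini_text, keys=("upload_tmp_dir", "session.save_path")):
    """Return {key: directory} for the php.ini directories PHP must be able to reach."""
    found = {}
    for line in ini_text.splitlines():
        m = re.match(r'\s*([\w.]+)\s*=\s*(?:"([^"]*)"|([^;\s]*))', line)
        if m and m.group(1) in keys:
            # session.save_path may be written "N;MODE;/path"; the directory is the last field.
            value = (m.group(2) or m.group(3) or "").split(";")[-1].strip()
            if value:
                found[m.group(1)] = value
    return found

def basedirs(httpd_text):
    """Return the normalised entries of the first php_admin_value open_basedir line."""
    m = re.search(r'^\s*php_admin_value\s+open_basedir\s+"?([^"\n]+)"?',
                  httpd_text, re.M | re.I)
    return [norm(p) for p in m.group(1).split(";") if p.strip()] if m else []

def uncovered(httpd_text, ini_text):
    """List the php.ini keys whose directory lies outside every open_basedir entry."""
    dirs = basedirs(httpd_text)
    if not dirs:
        return []  # no open_basedir restriction found, so nothing is blocked
    return sorted(key for key, path in ini_paths(ini_text).items()
                  if not any(norm(path).startswith(d) for d in dirs))

if __name__ == "__main__":
    print("good config:", uncovered(HTTPD_GOOD, PHP_INI))
    print("bad config: ", uncovered(HTTPD_BAD, PHP_INI))
```

An empty list means every directory PHP needs is inside open_basedir; any key returned names a php.ini setting whose directory would be blocked.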