Use .user.ini file to modify open_basedir to enhance PHP system security

.user.ini is an lnmp file, which contains the folder path address of the website. The purpose is to prevent cross-directory access and cross-directory reading of files. In a certain sense, it ensures potential security issues that may be caused by unknown PHP code. .

The configuration is placed in the root directory .user.ini

open_basedir=/project path/:/tmp/:/proc/     

example:

Remember that aliyun host ECS was hacked for mining?

I accidentally discovered that the CPU usage of an ECS host in the backend of Alibaba Cloud has been near 100%. If I look closely, it is used to provide idle services to customers. Few people take care of it. After taking a closer look at the data, I found that the CPU has been at 100% for two weeks. , there is no abnormality in the memory, but the hard disk has sharp peaks every 1 minute. It is estimated that there is a problem with the cron job.

Subscribe to Safety