Case 4: PHP parser outside of web tree

A very secure option is to put the PHP parser binary somewhere outside of the web tree of files. In /usr/local/bin, for example. The only real downside to this option is that you will now have to put a line similar to:

#!/usr/local/bin/php
as the first line of any file containing PHP tags. You will also need to make the file executable. That is, treat it exactly as you would treat any other CGI script written in Perl or sh or any other common scripting language which uses the #! shell-escape mechanism for launching itself.

To get PHP to handle PATH_INFO and PATH_TRANSLATED information correctly with this setup, the PHP parser should be compiled with the --enable-discard-path configure option.

Коментарии

You can use binfmt-misc to avoid the need for the #! line, by registering your php5-cgi binary as an interpreter for *.php files. E.g. with Debian binfmt-misc installed:

    update-binfmts --install php5 /usr/bin/php5-cgi --extension php
    cat /proc/sys/fs/binfmt_misc/php5

However, you still need chmod +x on the .php file. And Apache will give a rather sad "500 Internal Server Error" if you are missing the +x permissions :( You can improve the error message using mod_rewrite (but not obliviate the need for +x)..
2013-12-15 12:02:09
http://php5.kiev.ua/manual/ru/security.cgi-bin.shell.html
Автор:
To add a new structure out the PHP directory, you have to do first:

- Configure the .ini file
- Add to your IDE the interpretor
2014-02-28 15:54:10
http://php5.kiev.ua/manual/ru/security.cgi-bin.shell.html

    Поддержать сайт на родительском проекте КГБ