利用.htaccess的设置来显示PHP错误的方法

用.htaccess设置显示PHP错误

使用.htaccess可以在某种程度上更改PHP的错误显示的设置,实际上,相当于更改PHP.ini的参数,很是方便。
将以下相应代码放到对应目录中的.htaccess文件,即可实现相应功能。
关闭错误显示
php_flag display_startup_errors off
php_flag display_errors off
php_flag html_errors off
php_value docref_root 0
php_value docref_ext 0

只显示PHP错误

php_flag  display_errors        on
php_flag  display_startup_errors on
php_value error_reporting        2047

其中,“2047”为要显示的错误的级别,详细表格如下:

1 E_ERROR
2 E_WARNING
4 E_PARSE
8 E_NOTICE
16 E_CORE_ERROR
32 E_CORE_WARNING
64 E_COMPILE_ERROR
128 E_COMPILE_WARNING
256 E_USER_ERROR
512 E_USER_WARNING
1024 E_USER_NOTICE
2047 E_ALL
2048 E_STRICT
4096 E_RECOVERABLE_ERROR 

把错误保存到日志文件中 ,可以这样设置:

# enable PHP error logging
php_flag  log_errors on
php_value error_log  /home/path/public_html/domain/PHP_errors.log

然后,可以设置不允许访问.log文件

# prevent access to PHP error log
<Files PHP_errors.log>
 Order allow,deny
 Deny from all
 Satisfy All
</Files>

设置错误日志的最大体积 ,以bytes为单位:

# general directive for
 setting max error size
log_errors_max_len integer

综合上述,.htaccess的PHP错误显示设置汇总

# PHP error handling for production servers

# disable display of startup errors
php_flag display_startup_errors off

# disable display of all other errors
php_flag display_errors off

# disable html markup of errors
php_flag html_errors off

# enable logging of errors
php_flag log_errors on

# disable ignoring of repeat errors
php_flag ignore_repeated_errors off

# disable ignoring of unique source errors
php_flag ignore_repeated_source off

# enable logging of php memory leaks
php_flag report_memleaks on

# preserve most recent error via php_errormsg
php_flag track_errors on

# disable formatting of error reference links
php_value docref_root 0

# disable formatting of error reference links
php_value docref_ext 0

# specify path to php error log
php_value error_log /home/path/public_html/domain/PHP_errors.log

# specify recording of all php errors
php_value error_reporting 999999999

# disable max error string length
php_value log_errors_max_len 0

# protect error log by preventing public access
<Files /home/path/public_html/domain/PHP_errors.log>
 Order allow,deny
 Deny from all
 Satisfy All
</Files>

以下则是适合开发者应用的设置:

# PHP error handling for
 development servers
php_flag display_startup_errors on
php_flag display_errors on
php_flag html_errors on
php_flag log_errors on
php_flag ignore_repeated_errors off
php_flag ignore_repeated_source off
php_flag report_memleaks on
php_flag track_errors on
php_value docref_root 0
php_value docref_ext 0
php_value error_log /home/path/public_html/domain/PHP_errors.log
php_value error_reporting 999999999
php_value log_errors_max_len 0

<Files /home/path/public_html/domain/PHP_errors.log>
 Order allow,deny
 Deny from all
 Satisfy All
</Files>

总之,通过.htaccess设置显示PHP错误
来控制PHP错误是否显示似乎更方便。。

php ModSecurity Suhosin两个安全的更新操作

Step of installation for ModSecurity
1. Download yum repo and install the mod security using yum
# wget -q -O – http://www.atomicorp.com/installers/atomic.sh | sh
# yum install mod_security
 
2. Download the mod security rules and apply it. 
# cd /etc/httpd/modsecurity.d && wget http://downloads.prometheus-group.com/delayed/rules/modsec-2.5-free-latest.tar.gz
# tar –xvvzf modsec-2.5-free-latest.tar.gz

3. Removed unwanted rules/
# cd /etc/httpd/modsecurity.d && rm -Rf 00_asl_rbl.conf 00_asl_whitelist.conf
4. Restart apache service
#/etc/init.d/httpd restart

Step of installation for Suhosin:
1. Download suhosin and install it
#cd /usr/local/
#wget http://www.hardened-php.net/suhosin/_media/suhosin-0.9.18.tgz
#tar -zxvf suhosin-0.9.18.tgz
#cd suhosin-0.9.18
#phpize
#./configure
#make && make install
2. Adding a load directive to php.ini 
#extension=suhosin.so
3. Restart apache service 
#/etc/init.d/httpd restart

动态安装suhosin(动态安装,不需要重新编译php):
yum -y install gcc gcc+
wget http://download.suhosin.org/suhosin-0.9.31.tgz
 tar zxvf suhosin-0.9.31.tgz
cd suhosin-0.9.31
phpize
./configure –with-php-config=/usr/local/php/bin/php-config
./configure
make
make install
vi /etc/php.ini  添加如下几行
extension=suhosin.so
[suhosin]
suhosin.get.max_value_length = 5120
重启apache
service httpd restart
安装成功后,phpinfo会显示如下:
This server is protected with the Suhosin Extension 0.9.31

Copyright (c) 2006-2007 Hardened-PHP Project
Copyright (c) 2007-2010 SektionEins GmbH

centos下使用yum来升级php和mysql

yum是CentOS系统自带的用于方便地添加/删除/更新RPM包的工具,它能自动解决包的倚赖性问题。
用yum更新PHP,只需用一条命令就可以搞定.
#yum update php
#yum update mysql
使用此命令后,系统告诉我,没有发现可更新的包。而当前的PHP版本只是5.2.1,php官方已经更新到更新到5.2.6了。原来CentOS系统的源里PHP仍旧是5.2.1,需要额外的源才能升级PHP。根据其它人的资料,将步骤额外源的步骤如下:
#rpm --import http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka
#vi /etc/yum.repos.d/utterramblings.repo

在打开的文档中加入下面内容
[utterramblings]
name=Jason's Utter Ramblings Repo
baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

保存。
再次运行下面的命令就可以完成php的升级了
#yum update php
升级到5.2.13
运行下面命令,升级mysql
#yum update mysql
升到5.0.99

具体看:http://www.jasonlitka.com/yum-repository/ 原始出处