https://www.li6.cc/index/article/details/id/367

vim /usr/local/nginx/conf/fastcgi.conf 末尾加上

fastcgi_param PHP_ADMIN_VALUE "open_basedir=/home/wwwroot/yourWebSite/:/tmp/:/proc/";

https://doc.fastadmin.net/doc/171.html

WEB配置 Nginx可以通过以下配置禁止PHP脚本执行

location ~ ^/(uploads|assets)/.*.(php|php5|jsp)$ {
deny all; } Apache可以通过在.htaccess中配置来禁用PHP脚本执行

RewriteEngine on RewriteCond % !^$ RewriteRule uploads/(.*).(php)$ – [F] 或使用

Order allow,deny Deny from all 其次在新增网站配置时务必绑定public目录为运行目录，同时启用open_basedir限制只允许FastAdmin的根目录，

vim /usr/local/nginx/conf/fastcgi.conf 末尾加上

fastcgi_param PHP_ADMIN_VALUE "open_basedir=/home/wwwroot/yourWebSite/:/tmp/:/proc/"; 或者在站点的vhost文件里修改

location ~ .php$ { include snippets/fastcgi-php.conf; include fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_pass unix:/run/php/php7.0-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PHP_ADMIN_VALUE "open_basedir=/home/wwwroot/yourWebSite/:/tmp/:/proc/";

配置完重启nginx 即可生效

通常也建议修改php.ini，禁用不安全的函数，配置如disable_functions = passthru,exec,system,chroot,chgrp,chown,shell_exec,proc_open,proc_get_status,popen,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru }