PHP &cron:安全问题
确保只有 CRON 执行 PHP 脚本的最佳方法是什么,而不是其他人偶然发现您的 php 脚本..
Whats the best way to ensure that only CRON executes PHP scripts, and not someone else who stumbled upon your php scripts..
我在想一个密码变量......但这是一个合法的 CRON 命令吗?:
I was thinking a Password Variable.... but is this a legal CRON command? :
/usr/local/bin/php -f /home/mysite/public_html/dir/script?password=12345
这样人们在通过 HTTP 访问 PHP 脚本时就无法执行相同的命令(除非他们知道密码)
This way people cannot be able to execute the same commands when visiting the PHP script via HTTP (unless they know the password)
谢谢.
推荐答案
您应该将此文件保留在 public_html 之外
You should keep this file outside of public_html
/usr/local/bin/php -f /home/mysite/script
// is secure from public access
相关文章