doubu7134
doubu7134
2015-07-10 18:43

file_get_contents()仅在使用CentOS安全设置的本地域上发生安全问题

I know there are a hundred posts about file_get_contents() on SO but nothing seems to solve my problem:

Everything was working fine fifteen minutes ago, until I ran some security stuff via SSH. I added some iptables rules and I file_get_contents and I ran service proftpd restart and a few installs/uninstalls which seems to have disabled PHP's fopen() functions somehow.

In php.ini, I have: allow_url_fopen = on & extension=php_openssl.dll on

I'm trying a simple test: (this file loads fine via the browser)

echo file_get_contents("https://www.this-domain.com/logo.gif");
//...failed to open stream:HTTP request failed! HTTP/1.1 404 Not Found...

//However both of the following work absolutely fine:

echo file_get_contents("https://www.google.com/");
echo file_get_contents("/home/user/domains/this-domain.com/private_html/media/logospin.gif");

I cannot change the file_get_contents() code (to cURL or otherwise) - this is a server settings issue. Possibly something to do with the firewall. Can someone please suggest a fix?

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

1条回答

  • du31992 du31992 6年前

    The problem was in fact a DNS issue. file_get_contents() was bizarrely routing through our backup nameservers (ns3 & ns4) for some reason, while browsers were routing through the primary nameservers (ns1 & ns2). Unlike the primaries, the backups point to a different server, which does not yet have identical files - hence the unusual 404.

    I had set up these backup nameservers only a few hours before tinkering with the firewall etc and by the time they propagated, it looked very much like the ssh commands had taken file_get_contents() offline.

    Thanks for all the comments guys - very much appreciated.

    点赞 评论 复制链接分享