Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
修复RASP PHP Agent在宝塔PHP环境的安装BUG
宝塔是一个运维工具,可以傻瓜式安装PHP环境,一些PHP的宝塔用户比较多: https://www.bt.cn/
问题描述
原始的install.php脚本在宝塔PHP环境的时候,把OpenRASP的ini配置写入了错误的php.ini文件中。宝塔安装的PHP有一个php-cli.ini, install.php把配置写入了cli中,导致重启php-fpm OpenRASP的配置不生效,OpenRASP的管理后端看不到宿主机Agent上报的心跳。在host列表中没有显示。
解决方案
检测php-cli.ini同级目录有没有php.ini存在,如果存在,再把同样的配置写入php.ini中
运行截图:
由上图得知,在宝塔安装的PHP环境中,RASP的配置最开始写入php-cli.ini中了,导致即使重启php-fpm RASP配置不生效。