apache有php_admin_value open_basedir 可以限制webshell跨目录可是nginx目前没有这样模块支持
先来看两份配置文件部分只跟大家讲原理省略了和主题无关部分请勿复制就用明白了原理就知道该如何做了

php.ini

; open_basedir, , limits all file operations to the d directory
; and below.  This directive makes most sense used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned _disibledevent=>nginx.conf


http
{
         server
        {
                listen 80;
                server_name  host1.com;
                root /myserver/host1;

                location ~ .*\.(php|php5)?$
                {
                         #fastcgi_pass  unix:/tmp/php-cgi.sock;
                         fastcgi_pass  127.0.0.1:9000;
                         fastcgi_index index.php;
                         fcgi.conf;
                }
        }
         server
        {
                listen 80;
                server_name  host2.com;
                root /myserver/host2;

                location ~ .*\.(php|php5)?$
                {
                         #fastcgi_pass  unix:/tmp/php-cgi.sock;
                         fastcgi_pass  127.0.0.1:9000;
                         fastcgi_index index.php;
                         fcgi.conf;
                }
        }
         server
        {
                listen 80;
                server_name  host3.com;
                root /myserver/host3;

                location ~ .*\.(php|php5)?$
                {
                         #fastcgi_pass  unix:/tmp/php-cgi.sock;
                         fastcgi_pass  127.0.0.1:9000;
                         fastcgi_index index.php;
               &nb