The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How does Tweak PHP open_basedir Security work?

Discussion in 'Security' started by BianchiDude, Jun 3, 2009.

  1. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    16
    How does Tweak PHP open_basedir Security work?

    I didn't see a change to the open_basedir setting in php.ini after enabling it in WHM, under Security Center.

    [~]# cat /usr/local/lib/php.ini |grep base
    ; open_basedir, if set, limits all file operations to the defined directory
    ;open_basedir =

    In what file is it changing that setting?

    TIA
     
  2. chinmay

    chinmay Well-Known Member

    Joined:
    Jul 22, 2008
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    localhost
    Hi there,

    The changes would be made in the httpd.conf file. The entry will be added in the VirtualHost entry for the domain. A sample entry will look like

    If you exclude php open_basedir for any of the account/domain the entry as above will be removed from the httpd.conf file.
     
  3. thewebhosting

    thewebhosting Well-Known Member

    Joined:
    May 9, 2008
    Messages:
    1,201
    Likes Received:
    1
    Trophy Points:
    38
    PHP's open_basedir protection prevents users from opening files outside of their home directory with PHP script. Since you have enabled Open_basedir security from WHM, php.ini will show you as below:

    ; open_basedir, if set, limits all file operations to the defined directory
    ;open_basedir =

    This is a correct settings and I do not think you need to do anything else now. Are you facing any problems?
     
  4. chinmay

    chinmay Well-Known Member

    Joined:
    Jul 22, 2008
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    localhost
    yes, that is true.. but if you change it in WHM under Security Center, changes do reflect in httpd.con file.
     
Loading...

Share This Page