The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

open_basedir "exclude" not working?

Discussion in 'General Discussion' started by WebVandals, Feb 9, 2005.

  1. WebVandals

    WebVandals Member

    Sep 8, 2003
    Likes Received:
    Trophy Points:
    Just want to see if anyone else is having this problem. I have a few clients using my shared SSL certificate which means they have to run some files from mymaindomain/~theirusername. I want to have open_basedir enabled in general, but of course I have to make an exception for these shared SSL clients -- so I've checked the "Exclude Protection" box (under Tweak Security -> php openbase_dir protection) for those clients.

    The trouble is, after upgrading to 10.0.0, all of those "Exclude Protection" boxes seem to have no effect anymore and those clients get open_basedir errors. Anyone else having the same problem? Any ideas on how to fix?
  2. GOT

    GOT Get Proactive!

    Apr 8, 2003
    Likes Received:
    Trophy Points:
    Norfolk, VA
    cPanel Access Level:
    DataCenter Provider
    This is a little confusing. In point of fact, the protection does not need to be removed for the domain that wants to use your shared cert, it needs to be not implemented for the server hostname entry in the httpd.conf file.

    What I am guessing happened is that you probably did not origianlly have an entry for the hostname of the server in httpd.conf and then cpanel, around version 10, started checking for the existance of this entry and if it did not find it, added it, but they probably instered the open_basedir entries.

    So, what you should do is edit the httpd.conf file and find the entry for the server hostname and take a look at the open_basedir line there.

Share This Page