The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

open_basedir - not working for addon domains.

Discussion in 'General Discussion' started by likudio, Jan 11, 2015.

  1. likudio

    likudio Member

    Joined:
    Jan 11, 2015
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    As I understand, open_basedir's purpose is to limit a PHP file access to other resources, other than it's DocumentRoot. Fine until here.

    Let's say I have cPanel account, "www.somesite.com" which has path /home/somesite/(public_html/), as a main domain.

    And in my account, I want to add an Addon Domain, "www.othersite.com", which will point to: /home/somesite/www_othersite as DocumentRoot.

    As I enable open_basedir, I expect that for each of my Addon Domain, its access to be limited to DocumentRoot ( /home/somesite/www_othersite in our situation) , NOT to users root folder (/home/somesite/);

    I find this issue as being a bug; is there any known work around or should I report it somewhere using a ticket, so it can be fixed?

    Regards,
    A.
     
    #1 likudio, Jan 11, 2015
  2. secureconfig

    secureconfig Member

    Joined:
    Jan 11, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello ,

    do you actived open_basedir correctly ?
    please run this command and paste output :
    # cat /usr/local/lib/php.ini | grep open_basedir

    Good Luck.
     
    #2 secureconfig, Jan 11, 2015
  3. likudio

    likudio Member

    Joined:
    Jan 11, 2015
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi secureconfig,

    Your question doesn't make any sense, as according to cPanel documentation, open_basedir setting does not get activated from php.ini, but from /usr/local/apache/conf/httpd.conf, where the VirtualHosts are generated, and they look like this:

    <IfModule concurrent_php.c>
    php4_admin_value open_basedir "path_to_users_dir:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
    php5_admin_value open_basedir "/home/path_to_users_dir:/usr/lib/php:/usr/local/lib/php:/tmp"
    </IfModule>

    The thing is... it should be path_to_document_root, not to users_dir if you get what I'm saying :)

    I'll report a ticket with this issue.
    Thanks anyway.
     
    #3 likudio, Jan 12, 2015
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,184
    Likes Received:
    1,295
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you let us know the ticket number so we can update this thread with the outcome?

    Thank you.
     
    #4 cPanelMichael, Jan 12, 2015
  5. likudio

    likudio Member

    Joined:
    Jan 11, 2015
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi Michael,

    Ticket ID is 5955853 and still under investigation;
    Hope it will get fixed ASAP.

    Regards,
    A.
     
    #5 likudio, Jan 12, 2015
  6. likudio

    likudio Member

    Joined:
    Jan 11, 2015
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    After talking with a cPanel representative... they don't see this as a bug.
    They think that this can this can be a feature... so I have to make a "feature request";

    But... can somebody tell me, what is the purpose of open_basedir in cPanel option?
    I mean, what's the point of using open_basedir to the users folder, and not to the domain root?

    I still don't get it...
     
    #6 likudio, Jan 12, 2015
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,184
    Likes Received:
    1,295
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Per our documentation:

    Additional documentation on this option is available at:

    PHP open_basedir Tweak

    Feel free to post the link to the feature request here so we can review it after the submission.

    Thank you.
     
    #7 cPanelMichael, Jan 13, 2015
  8. likudio

    likudio Member

    Joined:
    Jan 11, 2015
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    #8 likudio, Jan 16, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - open_basedir working addon
  1. ugcoder

    Enable/Disable PHP open_basedir protection from command line

    ugcoder, Apr 17, 2017, in forum: cPanel Developers
    Replies:
    1
    Views:
    530
    cPanelMichael
    Apr 17, 2017
  2. Rodrigo Gomes

    SOLVED open_basedir and Jailed apache

    Rodrigo Gomes, Dec 9, 2016, in forum: Security
    Replies:
    6
    Views:
    371
    Rodrigo Gomes
    Jan 8, 2017
  3. epaslv

    open_basedir protection

    epaslv, Aug 16, 2016, in forum: Security
    Replies:
    7
    Views:
    634
    ThinIce
    Aug 23, 2016
  4. bgarrant

    suPHP, open_basedir, and Multi PHP via EA4...together for improved security

    bgarrant, May 5, 2016, in forum: Workarounds and Optimization
    Replies:
    5
    Views:
    1,319
    Mike Mannakee
    Feb 22, 2017
  5. catacaustic

    AutoSSL (LetsEncrypt) not working for some domains

    catacaustic, Aug 22, 2017 at 4:12 PM, in forum: Security
    Replies:
    1
    Views:
    37
    cPanelMichael
    Aug 23, 2017 at 9:00 AM

Share This Page