The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

php open_basedir protection ? Applications not available anymore

Discussion in 'Security' started by nicklas, Jan 1, 2006.

  1. nicklas

    nicklas Well-Known Member

    Joined:
    Dec 22, 2005
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    The Best Wishes for everyone, that 2006 may be a good year for all of us.


    Hi all,

    I have turned on the php open_basedir protection, as recommended in another thread here.
    But now some applications aren't available anymore, for example osCommerce uses from /usr/bin/gzip and from /usr/local/binzip to compress the bckup . Those /usr/bin/ folders are as I understand now forbidden for users. But many other things like /usr/bin/curl won't work proberly anymore. Seems going from bad to worse or is there a solution?

    How to solve this ?
     
  2. david510

    david510 Well-Known Member

    Joined:
    Aug 22, 2004
    Messages:
    473
    Likes Received:
    0
    Trophy Points:
    16
    Php's open_basedir protection prevents users from opening files outside of their home directory with php. You can use this function to select which accounts can open files outside of their home directory when using php. In most cases the script is attempting to access an area or file outside of your allocated webspace which, of course, is not permitted. The script may be attempting to open a file for reading or moving a file on the system, for example.

    You will need to look at your script in detail and change any parts of the script that are incorrectly attempting to access files or areas outside of your webspace. Ensure that any commands or functions within your script that are designed to read, open or write to files are opening the file in the correct location by using the correct, local, path.

    If you need to manually remove this for websites add the following int he domian's virtual host entry.
    php_admin_value open_basedir none
     
  3. nicklas

    nicklas Well-Known Member

    Joined:
    Dec 22, 2005
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thanks for your reply, it's much appreciated.
    Could you please tell me which file I have to modify for the Virtual hosts entry?

    Thanks
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    It's your "httpd.conf" file usually located at /etc/httpd/conf
     
Loading...

Share This Page