Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

safemode was off, turned on , and now off again - problems now.

Discussion in 'General Discussion' started by nappa, Jan 17, 2004.

  1. nappa

    nappa Active Member

    Joined:
    Aug 2, 2003
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    156
    I needed to turn on safemode about two weeks ago. Becuase a hostee planned to host a free hosting site. I wanted to secure the machine as much as possible. But he decided to can it - and I tried to go back to safemode = off. But now occationally I am getting safe mode errors about open base directory restrictions. The thing is that I've excluded that directory from restrictions. And I've also stopped using ./file.php in the source of files - thinking that is the problem. But what I see is the problem is that other usernames' restrictions are being applied to the one that I have.

    Ie. The home partition for my problem directory is -

    /home/ponoko

    the one that is showing up is

    /home/krissi


    to make it clear - the page tells me that open directory restroction ( of krissi ) is in affect - thus they can't show /home/ponoko/www/forums.php

    Does anyone know how to fix it. I've used easy apache to change mode and back. Any help is greatly appreciated. Thank
     
  2. LP-Trel

    LP-Trel Well-Known Member

    Joined:
    Oct 13, 2003
    Messages:
    184
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Nirvana
    That might be the open_basedir tweak. Try to disable it and see what happens. ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. nappa

    nappa Active Member

    Joined:
    Aug 2, 2003
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    156
    on the entire server -- that is not a great idea for me. One of my said idiot user had a unsecured upload form - some guys uploaded some php script and wrecked havok on his site. Thankfully THAT saved them from gaining access to the entire server. I don't want to take that risk again.

    Is there anything else that may be done ?

    I've already disabled openbase dir on that account. But it still does.


    ----- I did notice that the affect account didn't have a open base dir clause in httpd. I've added it's own. And hopefully it won't happen.
     
  4. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    318
    Try recompiling php without safemode. Sometimes just turning it off isn't good enough.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. nappa

    nappa Active Member

    Joined:
    Aug 2, 2003
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    156
    That is exactly what I did. I had the default PHP (safemode off ) for the last 6+months

    Then I recompiled with easy apache with the safemode ticked.

    edited the php.ini to make it safemode on.

    Then recomplied with easyapache without safemode - runing off the safemode in php.

    NAPPA
     
  6. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    318
    Does phpinfo show safemode off ? does it show safemode at all?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice