The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Warning: open_basedir restriction in effect

Discussion in 'General Discussion' started by Ver17, May 27, 2005.

  1. Ver17

    Ver17 Active Member

    Jun 9, 2004
    Likes Received:
    Trophy Points:
    I have a client who is trying to set up a froogle feeder for OS Commerce and is getting an error saying there are directory restrictions "Warning: open_basedir restriction in effect".

    When doing multiple Google and cPanel searches for a solution I find a number of things including this.... "For security purposes, your host is running PHP in safe mode. If you are tying to install a script that will allow the outside world to upload files to the server, this will be disallowed by default. Create a vhost.conf file that will allow uploading via PHP.".... I also found more info on the vhost.conf but I can not find it on our server.

    Is this file created by default or do I have to create it? If I have to create it where do I put it so it fixes this clients issue but does not comprimise the overall server?

    Thanks for any help.
  2. Blue|Fusion

    Blue|Fusion Well-Known Member

    Sep 12, 2004
    Likes Received:
    Trophy Points:
    Cleveland, Ohio
    In WHM Security tweaks, you must exlude that site's virtualhost in the open_basedir protection page.
  3. RickG

    RickG Well-Known Member

    Feb 28, 2005
    Likes Received:
    Trophy Points:
    North Carolina

    By default, the open_basedir restriction prevents users from running PHP scripts outside of their /home/accountname/ directory. As Blue|Fusion indicated, you can remove the restriction on that account if needed through the WHM.

    However, you can also control this through an entry in .htaccess or php.ini (depending if phpsuexec is running), as well as in the httpd.conf file. In fact, if you look in /usr/local/apache/conf/httpd.conf, you will find a directive in the account's VirtualHost container that is something like this:

    <IfModule mod_php4.c>
    php_admin_value open_basedir "/home/AccountName:/usr/lib/php:/usr/local/lib/php:/tmp"

    Basically the above states the account can only run PHP scripts in the directories indicated (or anything below them).

    I'm not familiar with this froogle feeder ... but I'd want to know what they are trying to do that would install something outside of their home directory. I've had a case where it made sense to install "shared" php scripts (for all accounts) in a directory such as /home/common/ ... but you then have to adjust the open_basedir directive above to include this directory otherwise they will not run.

    Hope this is of some help -
    #3 RickG, May 28, 2005
    Last edited: May 28, 2005

Share This Page