• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Open Base DIR

R

rmiinc

Guest
This restriction is a default setting with servers using Plesk. The (open_basedir) restriction means your server is limiting our files to a specific folder and no file can be called outside of that folder. If a file within httpdocs tries to access a file in httpsdocs to make it secure we will get the (open_basedir) restriction message because you tried to pull a file outside of the folder you originated from.

To change this, we need to edit the open_basedir path for both the httpdocs and the httpsdocs folders. Once this is fixed correctly, files within both of these folders will be able to talk to each other without restriction. see below for example of how it should look:

For httpdocs, the current "open_basedir" setting within PHP is:

/home/httpd/vhosts/myWebsite.com/httpdocs:/tmp

It needs to be changed to:
/home/httpd/vhosts/myWebsite.com/:/tmp

can anyone lend some advice on how to do this?

Thanks.
 
Is it possible to change the default setting that Plesk uses for this when it sets up a new domain?
 
I'd be interested in solving this open base restriction thing, it's getting in the way of a lot of websites and stuff.

How exactly would this vhost.conf thing work? I tried it and it didn't seem to work at all.

Also, what are the implications in terms of security of disabling or modifying this?

And finally, why is it that it causes a problem sometimes? Even when the website is clearly trying to access a file in it's own vhost directory it brings it up :S
 
How exactly would this vhost.conf thing work? I tried it and it didn't seem to work at all.
Click to expand...

http://kb.swsoft.com/article_41_432_en.html

It works perfectly AFAIK.

Also, what are the implications in terms of security of disabling or modifying this?
Click to expand...

open_basedir is a security measure. PHP scripts can never operate outside its open_basedir path. Disabling open_basedir allows scripts to operate on all locations. Of course basic Unix file ownership and permissions are still in effect. When you modify a domain's open_basedir path make sure you only add directories that you know scripts should be able to access.

And finally, why is it that it causes a problem sometimes?
Click to expand...

Sometimes a web app is written to have files outside the default document root (httpdocs), so you'll need to add those locations to the default open_basedir.

Even when the website is clearly trying to access a file in it's own vhost directory it brings it up :S
Click to expand...

That shouldn't happen.
 
Thanks for the detailed reply, I'll act on what you've suggested and let you know. Cheers!
 
Right,

I created the vhost.conf file as that article you linked too said and restarted Apache and it still brings up the error.

It's trying to access a file in the httpdocs folder so I don't understand why it would get this restriction seeing as it's in the right place. It makes no sense too me.

I'm creating this for a sub-domain, should this be in the subdomains conf folder or the main domain conf folder?

I've only tried the main domain conf folder.

Cheers for your help.
 
Can you post the open_basedir as reported by phpinfo(); in the dir of the script and the error message?
 
Hello,


If you need for the subdomain then you should put of course under the subdomains conf.
Then run websrvmng, followed by apache restart.
 
fixed!

Hi kieranjones! (i'm adding you to my "buddies" as we seem to keep having the same problems)

http://bugs.php.net/bug.php?id=22220 taught me to try the value none (instead of "") to unset the value. Apearantly that doesnt work for some, but it works for me, so this is MY end of research for this issue. Give it a shot and let me know if it doesnt work for anyone, as I assume we all use the same apache/php...

My /var/www/vhosts/mycompany.com/subdomains/subdomain_name/conf/vhost.conf (for a "single directory for housing SSL and non-SSL content" subdomain) is as follows:
Code: 
<Directory /var/www/vhosts/mycompany.com/subdomains/[i]subdomain_name[/i]/httpdocs>
        php_admin_value open_basedir none
</Directory>
After I set this, I ran:
Code: 
/usr/local/psa/admin/sbin/websrvmng -v -a
and phpinfo(); now shows open_basedir no value.

Maybe-not-so-obviously I have cleverly replaced my real information with the examples 'mycompany.com' and 'subdomain_name' so substitute these for your real information.

Additionally, you may need to be using vhost_ssl.conf instead of vhost.conf. This does not apply to me, but may to you as mentioned here: http://kb.swsoft.com/article_41_432_en.html
 
You must log in or register to reply here.

Similar threads

N
Question open_basedir issue with borlabs cookie
Replies
3
Views
452
Peter Debik
P
LionKing
Issue PHP Warning: Unknown: open_basedir restriction in effect
Replies
8
Views
2K
Peter Debik
P
N
Issue NGINX FastCGI Cache open_basedir restriction bug?
Replies
1
Views
886
Peter Debik
P
S
Question Help access subdomain images from primary domain
Replies
3
Views
1K
SkyB
S
M
Resolved How to update default open_basedir for all websites?
Replies
6
Views
1K
Peter Debik
P
Back
Top