• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

open_basedir + vhost.conf

D

dsxs

Guest
Hello

Although this is a very hot topic and there's plenty of threads covering it already, I'm not able to disable the open_basedir restrictions for some of my vhosts.

Being conscious of the security issue, I disabled open_basedir for the entire server successfully, phpinfo() now shows "no value" für the open_basedir master value.

However, the "local" row for open_basedir still shows

/var/www/vhosts/TLD/subdomains/tz2/httpdocs:/tmp

Configuring a vhost.conf file for the specific vhost doesn't seem to turn off open_basedir, i tried setting it to "/", to "none" or to "off", nothing worked.

Is it possible, that apache itself keeps a settings file which enables open_basedir by default? Where else should I have a look to make the desired changes?


Thanks in advance for any possible help, I'd very appreciate some quick hints.

Greetings, steve
 
I made it work.
For example if you want to change the
Just make a file : open_basedir option for a site located inside the httpsdocs (just like I did)

go to : /home/httpd/vhosts/yourdomain.tld/conf/
make a file named: vhost_ssl.conf
and type inside :

<Directory /home/httpd/vhosts/mydomain.tld/httpsdocs>
php_admin_value open_basedir none
</Directory>

It worked for me in a box with plesk 7.5.3
 
Marios is right, but to cover all the bases you would have to create both vhost.conf and vhost_ssl.conf and make appropriate changes to the paths (httpdocs vs httpsdocs).

If you look at each domain's httpd.include file, you will see that within each <VirtualHost ip.ad.dr.ess:80> and <VirtualHost ip.ad.dr.ess:443> section there is:
Code: 
<IfModule sapi_apache2.c>
     php_admin_flag engine on
     php_admin_value open_basedir "somepath:/tmp"
</IfModule>
Since this is in the domain's httpd.include file, it over-rides the global php.ini.

With the domain's vhost.conf and vhost_ssl.conf you can over-ride the domain's httpd.include.

If you were to make changes to the httpd.include file, your changes would be overwritten the next time Plesk made changes to the domain. Which is why you would want to do the changes in the vhost files.

After creating the vhost.conf and/or vhost_ssl.conf files, you must run the command:
/usr/local/psa/admin/bin/websrvmng -u --vhost-name=domain.com
(replace domain.com with the name of the domain)

Then restart the Apache service. Then the changes will take effect.

Hope this takes the 'mystery' out of it...
 
You must log in or register to reply here.

Similar threads

I
Using Elastic Stack for Data Analysis and XenForo for Forums
Replies
0
Views
2K
igubaidullin
I
P
Resolved set handler for .php in symlinked directory
Replies
2
Views
1K
Juul
J
A
How to add Centralized Slave DNS to Plesk Multi Server
Replies
0
Views
2K
Anton Akhtyamov
A
D
Sql tuner advise
Replies
2
Views
1K
DiPolo
D
C
How do i change open_basedir?
Replies
4
Views
3K
CircarC
C
Back
Top