1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

php Safe mode and other things

Discussion in 'Plesk for Linux - 8.x and Older' started by phatPhrog, Apr 8, 2006.

  1. phatPhrog

    phatPhrog Guest

    0
     
    Who the poodle decided to change php safe mode to ON by default?

    Who decided to make the PHP
    instead of
    where it used to be.....and why the fudge did you decide to change the
    to
    Perhaps you'd like to change something else that will make our upgrade headaches just a bit more intense before offering a better and more comprehensive update/upgrade guide!

    Anyone?

    There are major plus' to Plesk 8/FC4, but a little better conversion from prior versions would certainly be appreciated by most.

    Although I have a test server . . . . Not all folks have the luxury of testing your software before actually installing/upgrading to a production server!

    We should be offered a more comphensive upgrade guide and/or BETA testing facility without sacrificing our time and money to verify the viability of this product.

    Not that thiis matters. Yes. I am :eek:

    Just so anyone concerned knows. These rants are related to an upgraded server from Plesk 7.5.4/FC2 to Plesk 8.0/FC4
     
  2. Pagemakers

    Pagemakers Silver Pleskian

    31
    80%
    Joined:
    Dec 19, 2007
    Messages:
    664
    Likes Received:
    7
    We have just spent a day trying to resolve a problem we were having. It turned out it was caused because safe mode was on for the domain. Now I have turned it off, everything is fine again.

    I agree with the post above. It it was off by default in V7 and on by default in V8, shouldn't we have been informed about the change?
     
  3. raversnet

    raversnet Guest

    0
     
    Guys i just went through the upgrade to version 8 as well. I started having problems with my coppermine galleries and through some searching i think its due to Safe_Mode being on.

    My PHP core page says Safe_Mode on.

    I checked php.ini and it says its off in /etc/php.ini

    I have no idea how to go about turning this off and any help would be appreciated.

    Thanks,

    Rob
     
  4. NightStorm

    NightStorm Guest

    0
     
    Open the domains list, and select all the domains at once (checkmark them all). Above the domains list, click on "Group Operations" and in the new page, scroll down to disable safe_mode.
    Isn't it great that sw-soft listened to the users default settings, isntead of forcing all of their users to enable safe_mode by default? ;)
     
  5. Pagemakers

    Pagemakers Silver Pleskian

    31
    80%
    Joined:
    Dec 19, 2007
    Messages:
    664
    Likes Received:
    7
    From Plesk support:

    "Since Plesk 8 PHP safe mode is manageble per eatch domain in the hosting setup page. For more security the default value is 'on'."
     
  6. raversnet

    raversnet Guest

    0
     
    Thanks guys! I noticed they made it setable per-domain but finding out where or how wasnt working for me.

    Definitely wasnt cool to change settings like that. What a waste of time that was.

    Thanks again.

    Rob
     
  7. phatPhrog

    phatPhrog Guest

    0
     
    PHP Safe Mode ON

    Exactly how does PHP-Safe-Mode=On ensure security?

    So far, on our test server, php safe mode has caused more problems than with it off.

    Also, with safe-mode=on, how does one with 100 clients properly manage a migration without having to major hours to make such a migration.

    Not bitching...just askin'
     
  8. BuilderNiche

    BuilderNiche Guest

    0
     
    In Domain Template?

    Great thread. It sure helped me out, after I kept verifying I had safe_mode Off, or 0, in the correct php.ini file yet the domains continued indicating safe_mode was on.

    But, I'd really really like to see Plesk 8 Domain Template include that "(PHP 'safe_mode' on ) checkbox"
    In the Template, it only says PHP support . The group method mentioned above and editing seem to be the only places Plesk adds that important "(PHP 'safe_mode' on ) checkbox."

    Any other workaround short of editing hosting setup on a domain once it's set to turn off PHP safe_mode?
     
  9. JoeBoo

    JoeBoo Guest

    0
     
    I turned off safe mode using the above mentioned method and it makes no change...even in my php.ini safe mode is turned off and i still have things saying that safemode is ON :mad: :confused:

    *edit*

    i didnt restart apache...once i did that all was fixed. :eek:
     
  10. angurio

    angurio Guest

    0
     
    is there any point using software such as plesk?

    to be honest.. the more i administrate.. the more i just trust an ssh window and CLI.

    how many times have i had to try to findout what plesk is doing.. its just another abstraction layer.. that leaves me abstracted.

    sure it works. and thanks to this post i havent spent 3 days banging my head re; safe_mode. but my next box will be just CLI. no value add.. thanks.

    a.
     
  11. JDwebsites

    JDwebsites Guest

    0
     
    I am still having trouble with Coppermine uploads. I get this error when attempting to upload

    File Name/URL Error Message
    1. Feb2007%20(135).jpg Impossible to move.

    I have Safe mode off and I have tried setting up Copper mine on 2 differnt domains with the same problem.

    I have a clean install from 1and1 of plesk 8.1 and I have not changed the php.ini file.

    anyone have any ideas what is causing this uploading error.

    Thanks.

    Dean
     
  12. breun

    breun Golden Pleskian

    29
     
    Joined:
    Jun 28, 2005
    Messages:
    1,647
    Likes Received:
    0
    I'm pretty sure I read about the change in the release notes at the time. Same goes for the move to /var/www.
     
  13. breun

    breun Golden Pleskian

    29
     
    Joined:
    Jun 28, 2005
    Messages:
    1,647
    Likes Received:
    0
    Re: PHP Safe Mode ON

    PHP safe_mode imposes several restrictions (disables access to certain functions, etc.). Yes, this means safe_mode may prevent certain software from working, but it generally means a smaller chance at security problems, so it is considered A Good Thing (tm) to have enabled on shared hosting servers.

    Software that cannot run with PHP safe_mode enabled usually tells you so in its install instructions, so you can disable safe_mode for a domain that runs trusted software that needs access to those blocked functions.
     
  14. HolmesSPH

    HolmesSPH Guest

    0
     
    Listen guys PHP Ssfe_mode is a CROCK!

    They are already REMOVING it from new versions of PHP lol..

    I upgrade last night and it took me forever to figure out that it turned php-safe_mode to on because I supress errors.. I turned error display on and bam I get those errors lol..

    I looked in php.ini and they were set to on.. so I turned them off and then restarted appache.. and it still gave me the the error messsage.

    So I went to EACH domains conf folder and edited their "httpd.include" file and did away with the safe_mode flag.


    THEN THIS MORNING i saw that there was now a switch in the domain administrator to turn it off... lol I guess it's a "Feature"... whatever
     
  15. breun

    breun Golden Pleskian

    29
     
    Joined:
    Jun 28, 2005
    Messages:
    1,647
    Likes Received:
    0
    You might want to read the release notes before installing updates next time...
     
  16. HolmesSPH

    HolmesSPH Guest

    0
     
    Perhaps... although plesk should read information on php features before releasing them into production.

    Your release of safe_mode on was the dumbest thing ever.

    Actually the dumb part wasn't neccessarily that its a new feature, its that the new feature OVER WROTE it self onto every domain!

    What kind of BS **** is that? You don't know if that is going to break someone's site.. You didn't even know it was a buggy feature in PHP lol

    How can you retro-act a feature like safe mode of all things and then cop an attitude when users have issues with it and complain.

    We ASSUME that plesk is smart enough to not do moronic things like that lol...

    Guess we're wrong.. From now on ill have to baby sit Plesk's release features, and make sure they don't include more site crashing antics
     
  17. redpaint

    redpaint Guest

    0
     
    Hi All,

    I also ran into a problem with PHP and Safe Mode. We're running FreeBSD and we tracked the problem down to the httpd.include file under a specific domain it was listing:

    PHP:
    php_admin_value open_basedir "/usr/local/www/vhosts/<DOMAIN>/httpdocs:/tmp"
    #AND
    php_admin_value open_basedir "/usr/local/www/vhosts/<DOMAIN>/httpdocs:/tmp"
    To get it to work correctly we simply changed this to:

    PHP:
    php_admin_value open_basedir "/usr/local/www/vhosts/<DOMAIN>/httpdocs:/var/tmp"
    #AND
    php_admin_value open_basedir "/usr/local/www/vhosts/<DOMAIN>/httpdocs:/var/tmp"
    Although is says:
    PHP:
    #ATTENTION!
    # DO NOT MODIFY THIS FILE OR ANY PART OF IT. THIS CAN RESULT IN IMPROPER PLESK
    # FUNCTIONING OR FAILURE, CAUSE DAMAGE AND LOSS OF DATA. IF YOU REQUIRE CUSTOM
    # MODIFICATIONS TO BE APPLIED TO THE CONFIGURATION, PLEASE, PERFORM THEM IN THE
    # FOLLOWING FILE(S):
    # /usr/local/www/vhosts/<DOMAIN>/conf/vhost.conf
    # /usr/local/www/vhosts/<DOMAIN>/subdomains/<subdomain-name>/conf/vhost.conf
    editing these files did not work.

    I did not have to modify php.ini away from safe_mode to get this to work.

    Hope this helps someone.
     
  18. breun

    breun Golden Pleskian

    29
     
    Joined:
    Jun 28, 2005
    Messages:
    1,647
    Likes Received:
    0
    So there is no /tmp on FreeBSD by default? Then you might want to send SWsoft a bug report (bugreport@swsoft.com) about this.

    It might be better (for now) to solve this by making /tmp a symlink to /var/tmp, as Plesk will overwrite httpd.include at some point (that's why it says not to edit the file).
     
  19. redpaint

    redpaint Guest

    0
     
    Actually there is a tmp folder, however my error log says
    PHP:
    [Tue May 08 13:20:52 2007] [error] [client 81.149.130.129PHP Warningsession_start() 
    [<
    a href='function.session-start'>function.session-start</a>]: open_basedir restriction in effect
    File(/var/tmpis not within the allowed path(s): (/usr/local/www/vhosts/<DOMAIN>/httpdocs:/tmp
    in /usr/local/www/vhosts/<DOMAIN>/httpdocs/<FILE>.php on line 5

    [Tue May 08 13:20:52 2007] [error] [client 81.149.130.129PHP Fatal errorsession_start()
    [<
    a href='function.session-start'>function.session-start</a>]: Failed to initialize storage module
    files (path: ) in /usr/local/www/vhosts/<DOMAIN>/httpdocs/<FILE>.php on line 5 
    I assumed, perhaps incorrectly, that httpd.include was referencing /tmp where it should have been referencing /var/tmp. Possibly something else is awry, however changing the value in httpd.include solved the problem. I'll follow your suggestion, unless there is something else anyone can see from the error message.

    Many Thanks
     
  20. breun

    breun Golden Pleskian

    29
     
    Joined:
    Jun 28, 2005
    Messages:
    1,647
    Likes Received:
    0
    Apparently the PHP script that is accessed tries to use /var/tmp, but this access is blocked because /var/tmp is not in the open_basedir path by default. You could add /var/tmp to the domain's open_basedir path to fix this (see http://kb.swsoft.com/article_41_432_en.html) or maybe even easier: change the PHP script to use /tmp instead of /var/tmp.
     
Loading...