1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

private directory to be added to open_basedir

Discussion in 'Plesk for Linux - 8.x and Older' started by Rocky@, Apr 25, 2005.

  1. Rocky@

    Rocky@ Guest

    0
     
    I need to run php script in the 'private' directory, and I understand that I need to include it in the open_basedir in order to do so.

    I would like to include that directory ('private') to all domains by default as it is created. How do I do that. Just add that path to the httpd.include in the /etc/httpd/conf/?

    Thanks for the help.

    Sam
     
  2. Cranky

    Cranky Guest

    0
     
    The private directory's not designed to be accessed by scripts. You'll need to change the permissions on the private directory of every domain to open up access.
     
  3. Rocky@

    Rocky@ Guest

    0
     
    Hi Cranky, good to see you again.

    My problem was more than the permission. I had to use the individual vhost.conf to turn the open_basedir restriction off for this domain. Of course, using root access and all. This can be done in a few mouse click on CPanel.

    I have been setting up this CMS for five years for many sites and never had to get into the shell to tweak the server settings in order to set it up. From now on, every time I set up a PHP script that needs to place outside of the httpdocs, I have to use root access. Or every time my client wants it, I have to do it MANUALLY for them.

    Boy, what a learning curve! I have got this box with Plesk for 17 days now. I learn all the tricks MANUALLY. I was thinking this morning, what does Plesk do for me. It seems like a pretty face that does nothing.

    Now, I feel like I am married to a beauty qeen and I have to do all the cleaning, cooking, laundry...... It's hard to leave her and it's hard to stay with her.:D

    Sam
     
  4. steve0

    steve0 Guest

    0
     
    It's a pretty face that attempts to setup your hosting box as securely as possible in a default installation and frankly it does a fairly good job. Some things should always be left up to the superuser. ... Just my humble opinion .. .
     
  5. Rocky@

    Rocky@ Guest

    0
     
    Fact: CPanel is not less secure than Plesk.

    I don't want to go to the extreme of Plesk bashing. This is my objective consumer opion:

    Plesk is made to serve the webhosters, as it is intented for. I am a webdeveloper and got a Plesk box to sell hosting on the side, so I see both sides of the issue.

    I am sure Plesk would do a good job allowing me to handle the clients and resellers. But many of the obsticles I ran into were during production. We must not forget that we are hosting the sites for the web designers and webmasters. If they find it hard to get their job done on our hosting settings, how does it benefit our hosting business?

    Now, I fully understand why CPanel is capturing the market. It's simply because the ease of use on the client side.

    I am sure after using CPanel for production, I don't want to use Plesk becuase I end up consuming more time on settings. I went to CPanel with ease, but came back with a nightmare. I will get use to it since I am the super user, and I will get only clients that has never experienced the ease of CPanel, and maybe mostly those FrontPage users having websites for fun.

    One thing regarding your opinion on "something should always be left for the superuser," I agree on certain things, as CPanel also require su sometimes, but most of them can be done on the web interface. When time becomes money, you want to reduce the frequecy of having your customer calling you for everything, and you want to be able to fulfill it by simply clicking on a few buttons. If it were me, I can't always wait for my host for hours to set something up for me to continue my project that can be finish in 10 minutes. I would just change the host.

    After all, I have to decide whether I want to be a webhoster. Plesk might serve me as a host, but CPanel serves me as a webdeveloper or webmaster. My struggle is why I should use Plesk to host others since ultimately, it is the webmasters that we are to serve and Plesk is not so convenient for them.

    Sam
     
  6. Cranky

    Cranky Guest

    0
     
    It's got nothing whatsoerver to do with Plesk vs CPanel. PHP configuration is down to you - and can easily be tailored to work effectively for most scripts. If you want to upload a script to Plesk's private directory which is DESIGNED to be private and inaccessible by any scripts then you're making yourself work.
     
  7. Rocky@

    Rocky@ Guest

    0
     
    Oh yes I chose the private directory because it is the only thing closest to what I needed. Normally, what I need is to put part of my CMS config and system files below the httpdocs. What should I do? In CPanel I simply create a directory there. But in Plesk I can't creat a directory there. It seems that I might be able to use the tmp folder or the private. Anyway, the point is I can accomplish this on CPanel without tweaking anything by ssh to the root.

    OK, one of my favorite CMS is Geeklog, probably the best and the most secure one around. Hope you don't cry when you see this in the FAQ:

    This problem is mostly reported by Plesk users. I paid more to put Plesk on my server, and it is functioning like "free or cheap" ones for those who don't know what it is?

    And another popular script, OSCommerce, also needs to place part of the script behind httpdocs.

    I am not here to put down Plesk. I can simply laugh and leave. I want Plesk to reach its potential, as it is quite nice for the webhosters. But if they are like you, I hope not, defensive and not willing to make the life of the users easier for the money they get, CPanel's gonna take over, no doubt. I am a very patient guy, if Plesk can't keep me, I don't think it can have a better market share.

    Selling cheap to the datacenters to stuff it in the servers wouldn't work for long. Just look at EV1, they were faithful Plesk and Ensim carriers. Now the big guy has to carry CPanel, why? If you have been around RackShack forum a couple of years ago, there were requests for RS to carry CPanel almost daily. Now they finally gave in. Look at their servers. More often, the CPanel servers are sold out first, and only Plesk ones left. (That's how I got mine.:rolleyes: ) I wondered why, and now I know. But still, I am squeezing out my hope.

    Sam
     
  8. xrom

    xrom Guest

    0
     
    Rocky

    I have same problem. ( need to run php script in the 'private' directory). Can you tell what need to do to make this hapen?
     
  9. Cranky

    Cranky Guest

    0
     
    You're not getting my point. It's not a Plesk problem, it's just something you need to change in the way you work. Fair enough, in CPanel you used a directory outside public_html, in Plesk you can either create a directory like this manually via SSH, or create a directory within httpdocs and add a .htaccess file so the directory is inaccessible to the web.

    There's not many of us left around here offering help ("help" that's what I'm doing here replying to you at 3.30AM). If you don't want help from me then ignore my posts, I've no problem with that. I've probably suggested more features and reported more bugs to SWsoft than all but a very small minority of users (many of which have been implemented), whilst these things you are asking for may be nice, there are much higher priority features required first in my opinion as this just requires a small change to the way you work.

    Regarding open_basedir, that's still not a Plesk limitation, it can be adjusted in php.ini and/or vhost.conf.

    Regarding Rackshack, when they weren't offering Plesk a couple years back there were a lot of cries asking for it in the forums, and it was added. If you have feature requests for Plesk add them to the list:

    http://forum.sw-soft.com/showthread.php?s=&threadid=21558

    I know for certain that SWsoft are aware the list is there, and some of the requests will make their way into R&D.
     
  10. Rocky@

    Rocky@ Guest

    0
     
    Xrom,

    I assume that you have root access, otherwise you have to ask your host to do so.

    I use SFTP (FileZilla) to access it.

    #1 create two files and name them vhost.conf and vhost_ssl.conf and put the following configuration codes in them (for vhost_ssl.conf use httpsdocs in place of httpdocs). Upload these two files to the related domain's 'conf' directory (the one you usually see listed together with the domain's httpdocs directory).



    Code:
    <Directory /home/httpd/vhosts/domain.com/httpdocs>
    php_admin_value open_basedir none
    </Directory>
    
    <Directory /home/httpd/vhosts/domain.com/httpdocs>
    php_admin_value open_basedir /home/httpd/vhosts/domain.com
    </Directory>
    


    #2 CHMOD the 'private' directory to 755

    That's it.

    Hope this help.

    Sam
     
  11. Cranky

    Cranky Guest

    0
     
    That could cause problems in future as Plesk upgrader will likely reset the permissions back to default. You'd be much better off creating a separate directory, or a directory within httpdocs and protecting via .htaccess.
     
  12. Rocky@

    Rocky@ Guest

    0
     
    Bingo, another problem that bothers me. Upgrader would switch everything back.

    Notice, at the beginning, my question was to change the default setting to automatically open up the 'private' directory when the domain is created, or add a directory in that nature. That can't happen because once you upgrade, all your customers using those directories would be locked out.

    The only way to prevent that is using vhost.conf. That means, you have to do it site by site. That will make the host busy.

    Sam
     
  13. Cranky

    Cranky Guest

    0
     
    Not necessarily, you could configure vhost.conf in the skeleton directory so it's automatically generated when Plesk is run. One way to avoid the upgrade resetting permissions on your private directory would be to run something like this after the upgrade:

    chmod 755 /home/httpd/vhosts/*/private
     
  14. Rocky@

    Rocky@ Guest

    0
     
    That's the kind of nuisance about Plesk I have been talking about. Will l remember it? I might not, until the customer complains. Even then, I might end up spending several minutes diagnosing the problem.

    Sam
     
  15. Cranky

    Cranky Guest

    0
     
    Why use the private directory then? If you use it for what it is designed for the "nuisance" ceases to exist.
     
  16. Rocky@

    Rocky@ Guest

    0
     
    How could I know that wasn't designed for it? It might be in the manual, but I surely have missed it. It says private and I was trying to put private files in it. Eventhough they are PHP scripts, I regard them as private files because they have my private configurations.

    Anyway, I created a different directory because I realized the potential problem, not because I found out it wasn't designed for such needs.

    Sam
     
  17. xrom

    xrom Guest

    0
     
    I don’t know, but i think it related. After I create subdomain, customer want keep his mp3s files separate from httpdocs, the php script located in base domain have same open_basedir restriction error. I do not see any reason for this.

    There will be no any problem to put folder under httpdocs, but owner do not want give his ftp access to person who will load files. You won't be able to setup multiple FTP accounts either, as Plesk doesn't allow that. So what is best way ?
    a) create multiple FTP accounts (how?)
    b) remove open_basedir restriction

    A and B probably will be useless after next upgrade.

    Sorry if this not right topic. Just hurt
     
  18. Cranky

    Cranky Guest

    0
     
    Instead of creating the vhost.conf file as above create:

    /home/httpd/vhosts/domainname.com/subdomains/subdomainname/conf/vhost.conf
     
  19. Cranky

    Cranky Guest

    0
     
    Actually, one crucial thing was missed above in Rocky's post. After creating the vhost.conf file you need to rebuild apache configuration file:

    /usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=yourdomain.com

    Then check apache for problems:

    service httpd configtest

    If no problems, restart apache:

    service httpd restart
     
  20. Rocky@

    Rocky@ Guest

    0
     
    Hay Cranky, you are still awake!

    I commend your community spirit, but have some sleep. There are enough people to keep you busy out here.

    Sam
     
Loading...